BlueVoyant TPRM API Reference
Version: 3b0fd4332
The BlueVoyant Third-Party Risk Management (formerly Supply Chain Defense) API is a GraphQL API that provides access to our risk scores and findings along with additional services and capabilities. This guide is designed to help users get started with our API, familiarize themselves with our offerings and understand how they can leverage our API to build out integrated solutions that bring value to clients.
How to Authenticate and Use The API
1. Get API Key
The BlueVoyant TPRM API requires an authentication key to be passed in an X-BlueVoyant-Auth header in order to return data. Users with API access in the TPRM or CDP portal can generate API keys from the "API Access" section under Settings, government users can use the "Generate API Token" application in Okta, or keys can be obtained by contacting the BlueVoyant team directly. Sample API key: "ERMSOjCzwgq51As6MVo-qT-6q_IQjp48nKtZAm1qKbd"
API keys will expire after 30 days of inactivity but will renew each time you use them. We recommend using a key at least monthly to ensure you do not run into authorization issues.
2. Determine Client UUID
To determine your allowed client UUID(s), use the myClients query, with an all-zero clientUuid:
https://api.bluevoyant.com/3pr/v1/clients/00000000-0000-0000-0000-000000000000/querylocationYour-Default-Customer3. Call the API with the Client UUID
Use the value in the "clientUuid" field returned from the above request to replace {clientUuid} in the API call, so
https://api.bluevoyant.com/3pr/v1/clients/{clientUuid}/queryhttps://api.bluevoyant.com/3pr/v1/clients/3fa85f64-5717-4562-b3fc-2c963f66afa6/querySample Queries
POST example with curl, getting emerging vulnerability summary info (emergingVulnerabilitySummaryInfo query)
curl -H "X-BlueVoyant-Auth: <API_KEY>" https://api.bluevoyant.com/3pr/v1/clients/3fa85f64-5717-4562-b3fc-2c963f66afa6/query -H 'Content-Type: application/json' -H 'Accept: application/json' -d '{ "query": "{ emergingVulnerabilitySummaryInfo ( limit: 10 offset: 0 filter: { sortBy: [{field: title direction:desc}] minNumOfThirdPartiesIdentified: 3 } ) { offset limit totalCount pageLength emergingVulnerabilitySummaries { id title numOfThirdPartiesAcknowledged numOfThirdPartiesIdentified numOfThirdPartiesMitigated versionIdentified notificationDate notificationDetails } } }" }'
The equivalent GET example with curl:
curl -H "X-BlueVoyant-Auth: <API_KEY>" 'https://api.bluevoyant.com/3pr/v1/clients/3fa85f64-5717-4562-b3fc-2c963f66afa6/query?query=%7B+emergingVulnerabilitySummaryInfo+(+limit%3A+10+offset%3A+0+filter%3A+%7B+sortBy%3A+%5B%7Bfield%3A+title+direction%3Adesc%7D%5D+minNumOfThirdPartiesIdentified%3A+3+%7D+)+%7B+offset+limit+totalCount+pageLength+emergingVulnerabilitySummaries+%7B+id+title+numOfThirdPartiesAcknowledged+numOfThirdPartiesIdentified+numOfThirdPartiesMitigated+versionIdentified+notificationDate+notificationDetails+%7D+%7D+%7D'
Role-Based Access to Operations
Access to GraphQL operations is limited to users with particular roles. When operations require additional access beyond the lowest-level role ("viewer"), it is indicated in the documentation.
To determine your user's roles and current level of access, use the myUserV1 query. To temporarily become the "admin" role if you have permission to do so (from the "can_admin" role), use the adminOn mutation.
Rate Limits
All API endpoints are rate-limited and you can make up to 250 requests per minute per IP. If you exceed the limit, you will be temporarily blocked and receive an error response for one minute after which you will be able to resume using the API again.
Users who have API access in the TPRM portal can use it to generate an API key. While you only need one API key, if you forgot to copy the API key you can generate up to nine more (10 keys can be requested per 10-minute window) before being blocked for one hour.
In addition, calls to the graphql endpoint are rate limited to maintain a capped average rate of retrieving data. Currently users can retrieve leaf nodes (strings, numbers, enums) at an average rate below 1 per 0.22ms or approximately 4545 leaf nodes per second. The maximum lockout is 60s. Rate limited requests will retrieve a http 429 response.
GraphQL Resources
API Endpoints
# GraphQL endpoint (GET or POST):
https://api.bluevoyant.com/3pr/v1/clients/{clientUuid}/query
Headers
# Your API token
X-BlueVoyant-Auth: <API_KEY>Queries
attributeInfo
Description
Get client-provided attributes across companies. Attributes can be used to filter and group companies.
Response
Returns an AttributeInfo
Arguments
| Name | Description |
|---|---|
portfolioTypes - [PortfolioType!]
|
The attributes will be limited to those associated with companies in the specified portfolio types. Default: 'external_regular' |
allowedAction - FilterAllowedAction
|
Filter by allowed action. Default 'view'. |
Example
Query
query attributeInfo(
$portfolioTypes: [PortfolioType!],
$allowedAction: FilterAllowedAction
) {
attributeInfo(
portfolioTypes: $portfolioTypes,
allowedAction: $allowedAction
) {
attributes
}
}
Variables
{"portfolioTypes": ["external_regular"], "allowedAction": "view"}
Response
{
"data": {
"attributeInfo": {
"attributes": ["xyz789"]
}
}
}
availableQuartersInfo
Description
Get quarters within the given start and end dates for which the client had any monitored companies and available scores
Response
Returns [AvailableQuarters!]!
Arguments
| Name | Description |
|---|---|
startDate - String!
|
The start of the date range. Date is in 'YYYY-MM-DD' format |
endDate - String!
|
The end of the date range. Date is in 'YYYY-MM-DD' format |
portfolioType - PortfolioType
|
The portfolio type is 'external_regular' |
Example
Query
query availableQuartersInfo(
$startDate: String!,
$endDate: String!,
$portfolioType: PortfolioType
) {
availableQuartersInfo(
startDate: $startDate,
endDate: $endDate,
portfolioType: $portfolioType
) {
year
quarter
startDate
endDate
count
}
}
Variables
{
"startDate": "2023-01-31",
"endDate": "2023-03-31",
"portfolioType": "external_regular"
}
Response
{
"data": {
"availableQuartersInfo": [
{
"year": 2023,
"quarter": 2,
"startDate": "2023-04-01T00:00:00Z",
"endDate": "2023-06-30T00:00:00Z",
"count": 987
}
]
}
}
bvgsPartsInfo
Description
Parts/products found by 202 Group for various suppliers. This is only available to government clients via api.bluevoyantgov.com for users with the 202_group_beta_testing role.
** EXPERIMENTAL **
Response
Returns an BVGSPartInfo
Arguments
| Name | Description |
|---|---|
filter - BVGSPartFilter
|
Default = null |
supplierFilter - BVGSSupplierFilter
|
Filter parts by supplier. Default = null |
locationFilter - BVGSLocationFilter
|
Filter parts by supplier location. Default = null |
sortBy - [BVGSPartSortBy!]
|
Default = null |
offset - Int!
|
Pagination - skip offset number of parts before returning up to limit number of parts. Default = 0 |
limit - Int
|
Pagination - skip offset number of parts before returning up to limit number of parts. Default = 1000 |
Example
Query
query bvgsPartsInfo(
$filter: BVGSPartFilter,
$supplierFilter: BVGSSupplierFilter,
$locationFilter: BVGSLocationFilter,
$sortBy: [BVGSPartSortBy!],
$offset: Int!,
$limit: Int
) {
bvgsPartsInfo(
filter: $filter,
supplierFilter: $supplierFilter,
locationFilter: $locationFilter,
sortBy: $sortBy,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
parts {
...BVGSPartDataFragment
}
}
}
Variables
{
"filter": null,
"supplierFilter": null,
"locationFilter": null,
"sortBy": null,
"offset": 0,
"limit": 1000
}
Response
{
"data": {
"bvgsPartsInfo": {
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"parts": [BVGSPartData]
}
}
}
bvgsProjectInfo
Response
Returns an BVGSProjectInfo
Arguments
| Name | Description |
|---|---|
filter - BVGSProjectFilter
|
Default = null |
sortBy - [BVGSProjectSortBy!]
|
Default = null |
offset - Int!
|
Pagination - skip offset number of projects before returning up to limit number of projects. Default = 0 |
limit - Int
|
Pagination - skip offset number of projects before returning up to limit number of projects. Default = 1000 |
Example
Query
query bvgsProjectInfo(
$filter: BVGSProjectFilter,
$sortBy: [BVGSProjectSortBy!],
$offset: Int!,
$limit: Int
) {
bvgsProjectInfo(
filter: $filter,
sortBy: $sortBy,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
projects {
...BVGSProjectDataFragment
}
}
}
Variables
{"filter": null, "sortBy": null, "offset": 0, "limit": 1000}
Response
{
"data": {
"bvgsProjectInfo": {
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"projects": [BVGSProjectData]
}
}
}
bvgsRiskEventInfo
Description
Risk events found by 202 Group for various suppliers. This is only available to government clients via api.bluevoyantgov.com for users with the 202_group_risk_events role.
Granularity: one entry per (client, project, supplier, event). A single underlying news event spanning multiple of a client's projects is collapsed via the supplier.projects array, but the row still represents the per-project view. To get one entry per (client, gold event), use bvgsRiskEventInfoByEvent instead. The goldEventId field on BVGSRiskEventData lets a caller correlate rows of the same underlying news event across clients and projects.
** EXPERIMENTAL **
Response
Returns an BVGSRiskEventInfo
Arguments
| Name | Description |
|---|---|
filter - BVGSRiskEventFilter
|
Default = null |
supplierFilter - BVGSSupplierFilter
|
Filter risk events by supplier. Default = null |
locationFilter - BVGSLocationFilter
|
Filter risk events by supplier location. Default = null |
sibSupportFilter - BVGSSibSupportFilter
|
Default = null |
sortBy - [BVGSRiskEventSortBy!]
|
Default = null |
offset - Int!
|
Pagination - skip offset number of risk event items before returning up to limit number of items. Default = 0 |
limit - Int
|
Pagination - skip offset number of risk event items before returning up to limit number of items. Default = 1000 |
Example
Query
query bvgsRiskEventInfo(
$filter: BVGSRiskEventFilter,
$supplierFilter: BVGSSupplierFilter,
$locationFilter: BVGSLocationFilter,
$sibSupportFilter: BVGSSibSupportFilter,
$sortBy: [BVGSRiskEventSortBy!],
$offset: Int!,
$limit: Int
) {
bvgsRiskEventInfo(
filter: $filter,
supplierFilter: $supplierFilter,
locationFilter: $locationFilter,
sibSupportFilter: $sibSupportFilter,
sortBy: $sortBy,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
riskEvents {
...BVGSRiskEventDataFragment
}
}
}
Variables
{
"filter": null,
"supplierFilter": null,
"locationFilter": null,
"sibSupportFilter": null,
"sortBy": null,
"offset": 0,
"limit": 1000
}
Response
{
"data": {
"bvgsRiskEventInfo": {
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 987,
"riskEvents": [BVGSRiskEventData]
}
}
}
bvgsRiskEventInfoByEvent
Description
Risk events found by 202 Group for various suppliers, aggregated to one row per (client, goldEventId). Same access controls and filters as bvgsRiskEventInfo.
Differences from bvgsRiskEventInfo:
- Grain: one entry per (client, goldEventId) rather than one entry per (client, project, supplier, event).
- supplier.projects shows every project the event applies to (within the user's accessible project set), not the single project of the row.
- goldEventId is the natural key for these rows. May be null for a small number of legacy rows that never received a gold id.
** EXPERIMENTAL **
Response
Returns an BVGSRiskEventInfo
Arguments
| Name | Description |
|---|---|
filter - BVGSRiskEventFilter
|
Default = null |
supplierFilter - BVGSSupplierFilter
|
Filter risk events by supplier. Default = null |
locationFilter - BVGSLocationFilter
|
Filter risk events by supplier location. Default = null |
sibSupportFilter - BVGSSibSupportFilter
|
Default = null |
sortBy - [BVGSRiskEventSortBy!]
|
Default = null |
offset - Int!
|
Pagination - skip offset number of risk event items before returning up to limit number of items. Default = 0 |
limit - Int
|
Pagination - skip offset number of risk event items before returning up to limit number of items. Default = 1000 |
Example
Query
query bvgsRiskEventInfoByEvent(
$filter: BVGSRiskEventFilter,
$supplierFilter: BVGSSupplierFilter,
$locationFilter: BVGSLocationFilter,
$sibSupportFilter: BVGSSibSupportFilter,
$sortBy: [BVGSRiskEventSortBy!],
$offset: Int!,
$limit: Int
) {
bvgsRiskEventInfoByEvent(
filter: $filter,
supplierFilter: $supplierFilter,
locationFilter: $locationFilter,
sibSupportFilter: $sibSupportFilter,
sortBy: $sortBy,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
riskEvents {
...BVGSRiskEventDataFragment
}
}
}
Variables
{
"filter": null,
"supplierFilter": null,
"locationFilter": null,
"sibSupportFilter": null,
"sortBy": null,
"offset": 0,
"limit": 1000
}
Response
{
"data": {
"bvgsRiskEventInfoByEvent": {
"offset": 123,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"riskEvents": [BVGSRiskEventData]
}
}
}
bvgsSupplierInfo
Description
Suppliers found by 202 Group. This is only available to government clients via api.bluevoyantgov.com for users with the 202_group_beta_testing role.
** EXPERIMENTAL **
Response
Returns an BVGSSupplierInfo
Arguments
| Name | Description |
|---|---|
filter - BVGSSupplierFilter
|
Default = null |
locationFilter - BVGSLocationFilter
|
Filter suppliers by location. Default = null |
riskEventFilter - BVGSRiskEventFilter
|
Filter suppliers by risk events. Default = null |
hasRiskEvents - Boolean
|
If true, return only suppliers that have any risk events (matching any filters in riskEventFilter). If false, return only suppliers that have no risk events (matching any filters in riskEventFilters). |
sibSupportFilter - BVGSSibSupportFilter
|
Default = null |
sortBy - [BVGSSupplierSortBy!]
|
Default = null |
offset - Int!
|
Pagination - skip offset number of suppliers before returning up to limit number of suppliers. Default = 0 |
limit - Int
|
Pagination - skip offset number of suppliers before returning up to limit number of suppliers. Default = 1000 |
Example
Query
query bvgsSupplierInfo(
$filter: BVGSSupplierFilter,
$locationFilter: BVGSLocationFilter,
$riskEventFilter: BVGSRiskEventFilter,
$hasRiskEvents: Boolean,
$sibSupportFilter: BVGSSibSupportFilter,
$sortBy: [BVGSSupplierSortBy!],
$offset: Int!,
$limit: Int
) {
bvgsSupplierInfo(
filter: $filter,
locationFilter: $locationFilter,
riskEventFilter: $riskEventFilter,
hasRiskEvents: $hasRiskEvents,
sibSupportFilter: $sibSupportFilter,
sortBy: $sortBy,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
suppliers {
...BVGSSupplierDataFragment
}
}
}
Variables
{
"filter": null,
"locationFilter": null,
"riskEventFilter": null,
"hasRiskEvents": true,
"sibSupportFilter": null,
"sortBy": null,
"offset": 0,
"limit": 1000
}
Response
{
"data": {
"bvgsSupplierInfo": {
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"suppliers": [BVGSSupplierData]
}
}
}
caseHistoryInfo
Description
Escalated findings in time period
Response
Returns a CaseHistoryInfo
Arguments
| Name | Description |
|---|---|
filter - CaseHistoryFilter
|
A list of fields to be able to filter on. Default = null |
offset - Int!
|
The offset to start returning data on. Starts at 0. Default = 0 |
limit - Int
|
The maximum number of cases to return. Default = 1000 |
Example
Query
query caseHistoryInfo(
$filter: CaseHistoryFilter,
$offset: Int!,
$limit: Int
) {
caseHistoryInfo(
filter: $filter,
offset: $offset,
limit: $limit
) {
totalCount
pageLength
meanTimeToResolve
meanDurationActiveEscalated
cases {
...CaseWithCompanyFragment
}
}
}
Variables
{"filter": null, "offset": 0, "limit": 1000}
Response
{
"data": {
"caseHistoryInfo": {
"totalCount": 123,
"pageLength": 987,
"meanTimeToResolve": 123.45,
"meanDurationActiveEscalated": 987.65,
"cases": [CaseWithCompany]
}
}
}
caseStatistics
Description
Statistics regarding handling of escalated cases. If portfolioUuids and attributes are not specified, statistics are included regardless of whether the associated companies are still in the client's portfolios.
resolved{Start,End}Date allow filtering on the resolution time ts_first_resolved (or ts_first_escalated depending on the specific resolver). If neither date is specified, you will get both resolved and unresolved cases.
Response
Returns a CaseStatistics!
Arguments
| Name | Description |
|---|---|
resolvedStartDate - String
|
Date is in 'YYYY-MM-DD' format. Default = null |
resolvedEndDate - String
|
Date is in 'YYYY-MM-DD' format. Default = null |
activeEscalated - Boolean
|
Default = null |
escalatedOnly - Boolean
|
Default = null |
zeroTolerance - Boolean
|
Default = null |
critical - Boolean
|
Default = null |
portfolioUuids - [UUID!]
|
If provided, the statistics will be limited to those BV IDs that are currently in the client's portfolios associated with the specified portfolio UUIDs |
attributes - [String!]
|
If provided, the statistics will be limited to those BV IDs that are currently in the client's portfolios and associated with the specified attributes (which match case-sensitively, and exactly) |
bvids - [UUID!]
|
If specified, will be filtered by any portolios and attributes specified. Default = null |
Example
Query
query caseStatistics(
$resolvedStartDate: String,
$resolvedEndDate: String,
$activeEscalated: Boolean,
$escalatedOnly: Boolean,
$zeroTolerance: Boolean,
$critical: Boolean,
$portfolioUuids: [UUID!],
$attributes: [String!],
$bvids: [UUID!]
) {
caseStatistics(
resolvedStartDate: $resolvedStartDate,
resolvedEndDate: $resolvedEndDate,
activeEscalated: $activeEscalated,
escalatedOnly: $escalatedOnly,
zeroTolerance: $zeroTolerance,
critical: $critical,
portfolioUuids: $portfolioUuids,
attributes: $attributes,
bvids: $bvids
) {
cases
findings
companies
meanDaysToResolve
escalatedFindingTypes {
...EscalatedFindingCountFragment
}
companyCasesCounts {
...CompanyStatisticFragment
}
}
}
Variables
{
"resolvedStartDate": "2023-01-31",
"resolvedEndDate": "2023-03-31",
"activeEscalated": null,
"escalatedOnly": null,
"zeroTolerance": null,
"critical": null,
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"attributes": ["abc123"],
"bvids": null
}
Response
{
"data": {
"caseStatistics": {
"cases": 987,
"findings": 987,
"companies": 987,
"meanDaysToResolve": 987.65,
"escalatedFindingTypes": [EscalatedFindingCount],
"companyCasesCounts": [CompanyStatistic]
}
}
}
casesInPeriodStatistics
Description
Statistics regarding companies affected by handling of cases. If portfolioUuids and attributes are not specified, statistics are included regardless of whether the associated companies are still in the client's portfolios.
Response
Returns a CasesInPeriodStatistics!
Arguments
| Name | Description |
|---|---|
startDate - String!
|
Date is in 'YYYY-MM-DD' format |
endDate - String!
|
Date is in 'YYYY-MM-DD' format |
portfolioUuids - [UUID!]
|
If provided, the statistics will be limited to those BV IDs that are currently in the client's portfolios associated with the specified portfolio UUIDs |
attributes - [String!]
|
If provided, the statistics will be limited to those BV IDs that are currently in the client's portfolios and associated with the specified attributes (which match case-sensitively, and exactly) |
bvids - [UUID!]
|
If specified, will be filtered by any portolios and attributes specified. Default = null |
Example
Query
query casesInPeriodStatistics(
$startDate: String!,
$endDate: String!,
$portfolioUuids: [UUID!],
$attributes: [String!],
$bvids: [UUID!]
) {
casesInPeriodStatistics(
startDate: $startDate,
endDate: $endDate,
portfolioUuids: $portfolioUuids,
attributes: $attributes,
bvids: $bvids
) {
companiesResolvedInPeriod
companiesWithCreatedEscalationInPeriod
companiesWithEscalationAtStartOfPeriod
casesResolvedInPeriod
casesWithCreatedEscalationInPeriod
casesWithEscalationAtStartOfPeriod
emergingVulnerabilityCases
emergingVulnerabilityCompanies
caseResolutionPercentages {
...ResolutionPercentageFragment
}
controlResolutionPercentages {
...ResolutionPercentageFragment
}
companiesFullyResolvedInPeriod
companiesGoneBadInPeriod
}
}
Variables
{
"startDate": "2023-01-31",
"endDate": "2023-03-31",
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"attributes": ["xyz789"],
"bvids": null
}
Response
{
"data": {
"casesInPeriodStatistics": {
"companiesResolvedInPeriod": 123,
"companiesWithCreatedEscalationInPeriod": 987,
"companiesWithEscalationAtStartOfPeriod": 987,
"casesResolvedInPeriod": 123,
"casesWithCreatedEscalationInPeriod": 123,
"casesWithEscalationAtStartOfPeriod": 123,
"emergingVulnerabilityCases": 987,
"emergingVulnerabilityCompanies": 123,
"caseResolutionPercentages": [ResolutionPercentage],
"controlResolutionPercentages": [
ResolutionPercentage
],
"companiesFullyResolvedInPeriod": 987,
"companiesGoneBadInPeriod": 987
}
}
}
cdpClientInfo
Description
Information about CDP clients from the TPRM CDP client table. This information is synched from the CDP findAllCustomer endpoint. This endpoint can only be accessed with a special role.
Response
Returns a CdpClientInfo
Arguments
| Name | Description |
|---|---|
filter - CdpClientFilter
|
Default = null |
sortBy - [CdpClientSortBy!]
|
Default = null |
offset - Int!
|
Pagination - skip offset number of clients before returning up to limit number of clients. Default = 0 |
limit - Int
|
Pagination - skip offset number of clients before returning up to limit number of clients. Default = 10000 |
Example
Query
query cdpClientInfo(
$filter: CdpClientFilter,
$sortBy: [CdpClientSortBy!],
$offset: Int!,
$limit: Int
) {
cdpClientInfo(
filter: $filter,
sortBy: $sortBy,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
cdpClients {
...CdpClientFragment
}
}
}
Variables
{"filter": null, "sortBy": null, "offset": 0, "limit": 10000}
Response
{
"data": {
"cdpClientInfo": {
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"cdpClients": [CdpClient]
}
}
}
clientContactInfo
Description
Get client contacts (contacts at the client) responsible for escalations for one or more vendor/monitored companies
Response
Returns a ClientContactInfo
Arguments
| Name | Description |
|---|---|
filter - ContactFilter
|
Filters which contacts to return. Default = null |
allowedAction - FilterAllowedAction
|
Filter by allowed action. Default 'view'. |
offset - Int!
|
Pagination - skip offset contacts before returning up to limit of companies. Default = 0 |
limit - Int
|
Pagination - skip offset contacts before returning up to limit of companies. Default = 1000 |
Example
Query
query clientContactInfo(
$filter: ContactFilter,
$allowedAction: FilterAllowedAction,
$offset: Int!,
$limit: Int
) {
clientContactInfo(
filter: $filter,
allowedAction: $allowedAction,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
clientContacts {
...ClientContactFragment
}
}
}
Variables
{"filter": null, "allowedAction": "view", "offset": 0, "limit": 1000}
Response
{
"data": {
"clientContactInfo": {
"offset": 123,
"limit": 123,
"totalCount": 987,
"pageLength": 123,
"clientContacts": [ClientContact]
}
}
}
companyInPeriodStatistics
Description
Statistics regarding companies during a specified period
Response
Returns a CompanyStatistics!
Arguments
| Name | Description |
|---|---|
startDate - String!
|
Date is in 'YYYY-MM-DD' format |
endDate - String!
|
Date is in 'YYYY-MM-DD' format |
portfolioUuids - [UUID!]
|
If provided, the statistics will be limited to those BV IDs that are currently in the client's portfolios associated with the specified portfolio UUIDs |
attributes - [String!]
|
If provided, the statistics will be limited to those BV IDs that are currently in the client's portfolios and associated with the specified attributes (which match case-sensitively, and exactly) |
portfolioType - PortfolioType
|
Only the 'external_regular' portfolio type is now valid. If provided, the statistics will be limited to those BV IDs that are currently in the client's portfolios |
Example
Query
query companyInPeriodStatistics(
$startDate: String!,
$endDate: String!,
$portfolioUuids: [UUID!],
$attributes: [String!],
$portfolioType: PortfolioType
) {
companyInPeriodStatistics(
startDate: $startDate,
endDate: $endDate,
portfolioUuids: $portfolioUuids,
attributes: $attributes,
portfolioType: $portfolioType
) {
meanCompanyScores {
...CompanyStatisticFragment
}
meanTimeToResolve {
...CompanyStatisticFragment
}
}
}
Variables
{
"startDate": "2023-01-31",
"endDate": "2023-03-31",
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"attributes": ["abc123"],
"portfolioType": "external_regular"
}
Response
{
"data": {
"companyInPeriodStatistics": {
"meanCompanyScores": [CompanyStatistic],
"meanTimeToResolve": [CompanyStatistic]
}
}
}
companyInfo
Description
This is the query to get information about companies within a client's portfolios.
Response
Returns a CompanyInfo
Arguments
| Name | Description |
|---|---|
filter - CompanyFilter
|
Filters which companies to return. Null indicates no restriction, EXCEPT by portfolioType, which is 'external_regular' by default. Default = null |
findingFilter - FindingFilter
|
Filter the findings found for each company. Default = null |
cpeCveFilter - CPECVEFilter
|
Filter cpe and cve entries to match only these specified. Default = null |
evFilter - EmergingVulnerabilityFilter
|
Default = null |
allowedAction - FilterAllowedAction
|
Filter by allowed action. Default 'view'. |
limitByFindings - Boolean!
|
If true, return only companies for which findings are retrieved. companyInfo is a multi-part query and the limit/offset refer to the main query, which first gets back all companies, filtered by any direct company filters (CompanyFilter). That set of company results is further limited by the finding filters. It might be preferable to use findingInfo to search for companies with particular findings, or increase the limit to larger than the total number of companies in your portfolios. Default = false |
limitByCPECVE - Boolean!
|
If true, return only companies for which CPE/CVEs are retrieved. companyInfo is a multi-part query and the limit/offset refer to the main query, which first gets back all companies, filtered by any direct company filters (CompanyFilter). That set of company results is further limited by the CPE/CVE filters. It might be necessary to increase the limit to larger than the total number of companies in your portfolios. Default = false |
limitByEmergingVulnerability - Boolean!
|
If true, and at least one EmergingVulnerability field is requested, return only companies for which emerging vulnerabilities are retrieved. companyInfo is a multi-part query and the limit/offset refer to the main query, which first gets back all companies, filtered by any direct company filters (CompanyFilter). That set of company results (the number of which appears in totalCount) is further limited by the emerging vulnerability filters (and the count appears in pageLength). It is preferable to use emergingVulnerabilitySummaryInfo or emergingVulnerabilityInfo to search for companies with particular emerging vulnerabilities, or increase the limit to larger than the total number of companies in your portfolios. Default = false |
offset - Int!
|
Pagination - skip offset companies before returning up to limit of companies. Default = 0 |
limit - Int
|
Pagination - skip offset companies before returning up to limit of companies. Default = 1000 |
Example
Query
query companyInfo(
$filter: CompanyFilter,
$findingFilter: FindingFilter,
$cpeCveFilter: CPECVEFilter,
$evFilter: EmergingVulnerabilityFilter,
$allowedAction: FilterAllowedAction,
$limitByFindings: Boolean!,
$limitByCPECVE: Boolean!,
$limitByEmergingVulnerability: Boolean!,
$offset: Int!,
$limit: Int
) {
companyInfo(
filter: $filter,
findingFilter: $findingFilter,
cpeCveFilter: $cpeCveFilter,
evFilter: $evFilter,
allowedAction: $allowedAction,
limitByFindings: $limitByFindings,
limitByCPECVE: $limitByCPECVE,
limitByEmergingVulnerability: $limitByEmergingVulnerability,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
companies {
...CompanyFragment
}
commonAttributes
}
}
Variables
{
"filter": null,
"findingFilter": null,
"cpeCveFilter": null,
"evFilter": null,
"allowedAction": "view",
"limitByFindings": false,
"limitByCPECVE": false,
"limitByEmergingVulnerability": false,
"offset": 0,
"limit": 1000
}
Response
{
"data": {
"companyInfo": {
"offset": 987,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"companies": [Company],
"commonAttributes": ["xyz789"]
}
}
}
companyRequestInfo
Description
Get all requests to add a company, or all that match specified filters. This endpoint is restricted to users with analyst (and higher-level) roles.
Response
Returns a CompanyRequestInfo
Arguments
| Name | Description |
|---|---|
filter - CompanyRequestFilter
|
Default = null |
sortBy - [CompanyRequestSortBy!]
|
Default = null |
offset - Int!
|
Pagination - skip offset company requests before returning up to limit of company requests. Default = 0 |
limit - Int
|
Pagination - skip offset company requests before returning up to limit of company requests. Default = 1000 |
Example
Query
query companyRequestInfo(
$filter: CompanyRequestFilter,
$sortBy: [CompanyRequestSortBy!],
$offset: Int!,
$limit: Int
) {
companyRequestInfo(
filter: $filter,
sortBy: $sortBy,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
companyRequests {
...CompanyRequestFragment
}
}
}
Variables
{"filter": null, "sortBy": null, "offset": 0, "limit": 1000}
Response
{
"data": {
"companyRequestInfo": {
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"companyRequests": [CompanyRequest]
}
}
}
companySearch
Description
Search for companies known to BlueVoyant (as opposed to companies in a client's portfolios) that match a given name and/or domain. Returns companies with the best matching scores. Performs both exact and fuzzy matching against all domains and names associated with a company, and exact matching on domains in companies' footprints. This endpoint is restricted to users with manager (and higher-level) roles.
Error responses:
400 | Bad request (neither name nor domain is provided, or either one is too short)
Response
Returns a CompanySearchInfo
Example
Query
query companySearch(
$name: String,
$domain: String
) {
companySearch(
name: $name,
domain: $domain
) {
totalCount
pageLength
companySearchResults {
...CompanyWithSearchResultFragment
}
}
}
Variables
{
"name": "abc123",
"domain": "abc123"
}
Response
{
"data": {
"companySearch": {
"totalCount": 123,
"pageLength": 123,
"companySearchResults": [CompanyWithSearchResult]
}
}
}
configurationInfo
Description
Returns the TPRM client configuration along with the client's licensing information and service setups.
Response
Returns a ClientConfiguration
Arguments
| Name | Description |
|---|---|
active - Boolean
|
Filters only active licenses if set to true. Default = true |
Example
Query
query configurationInfo($active: Boolean) {
configurationInfo(active: $active) {
clientName
clientUuid
realmId
bvid
enableMrs
useClientEntityIds
clientEntityIdLabel
useEntityAttributes
entityAttributeLabel
enforceEntityQuota
entityQuota
entityCount
enforceEntityChurn
entityChurnPercent
entityChurnDays
entityChurnCount
enforceMaxEntityAdditions
maxEntityAdditions
entityAdditionsDays
entityAdditionsCount
enforceHvmEntityQuota
hvmEntityQuota
hvmEntityCount
enforceHvmEntityChurn
hvmEntityChurnPercent
hvmEntityChurnDays
hvmEntityChurnCount
enforceMaxHvmEntityAdditions
maxHvmEntityAdditions
hvmEntityAdditionsDays
hvmEntityAdditionsCount
licenseQuantity {
...LicenseQuantityFragment
}
serviceSetups {
...ServiceSetupFragment
}
}
}
Variables
{"active": true}
Response
{
"data": {
"configurationInfo": {
"clientName": "abc123",
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"realmId": "abc123",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"enableMrs": false,
"useClientEntityIds": false,
"clientEntityIdLabel": "xyz789",
"useEntityAttributes": true,
"entityAttributeLabel": "xyz789",
"enforceEntityQuota": true,
"entityQuota": 123,
"entityCount": 123,
"enforceEntityChurn": false,
"entityChurnPercent": 987.65,
"entityChurnDays": 123,
"entityChurnCount": 987,
"enforceMaxEntityAdditions": true,
"maxEntityAdditions": 987,
"entityAdditionsDays": 987,
"entityAdditionsCount": 123,
"enforceHvmEntityQuota": false,
"hvmEntityQuota": 123,
"hvmEntityCount": 123,
"enforceHvmEntityChurn": false,
"hvmEntityChurnPercent": 123.45,
"hvmEntityChurnDays": 123,
"hvmEntityChurnCount": 987,
"enforceMaxHvmEntityAdditions": true,
"maxHvmEntityAdditions": 987,
"hvmEntityAdditionsDays": 123,
"hvmEntityAdditionsCount": 987,
"licenseQuantity": [LicenseQuantity],
"serviceSetups": [ServiceSetup]
}
}
}
cveCompanyInfo
Description
This is the query to get information about the cves affecting specific companies within a client's portfolios. Limited to companies for which the client has access to detailed datasets.
More limited (presently) than companyInfo but it does allow sorting by cve-related fields.
Response
Returns a CVECompanyInfo
Arguments
| Name | Description |
|---|---|
filter - CVECompanyFilter
|
Default = null |
offset - Int
|
|
limit - Int
|
Example
Query
query cveCompanyInfo(
$filter: CVECompanyFilter,
$offset: Int,
$limit: Int
) {
cveCompanyInfo(
filter: $filter,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
companies {
...CVECompanyFragment
}
}
}
Variables
{"filter": null, "offset": 123, "limit": 987}
Response
{
"data": {
"cveCompanyInfo": {
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"companies": [CVECompany]
}
}
}
dictionary
Description
Retrieve key/value mappings used in the TPRM portal and API as parameters or lookup values
Response
Returns a DataDictionary!
Example
Query
query dictionary {
dictionary {
industryCodes {
...DictionaryValueFragment
}
riskLevels {
...DictionaryValueFragment
}
severityLabels {
...DictionaryValueFragment
}
findingCodes {
...DictionaryValueFragment
}
findingDescriptions {
...DictionaryValueFragment
}
insightCodes {
...DictionaryValueFragment
}
attackSurfaceCodes {
...DictionaryValueFragment
}
questionnaireGroups {
...DictionaryValueFragment
}
}
}
Response
{
"data": {
"dictionary": {
"industryCodes": [DictionaryValue],
"riskLevels": [DictionaryValue],
"severityLabels": [DictionaryValue],
"findingCodes": [DictionaryValue],
"findingDescriptions": [DictionaryValue],
"insightCodes": [DictionaryValue],
"attackSurfaceCodes": [DictionaryValue],
"questionnaireGroups": [DictionaryValue]
}
}
}
emergingVulnerabilityInfo
Description
Information about emerging vulnerabilities and companies for which they have been detected. Generally these are recently revealed vulnerabilities that our analysts have manually located in our data and are not yet available as findings.
Null dates are assumed to indicate no restriction on date. Date in 'YYYY-MM-DD' format. Nulls for other parameters indicate no restriction in that dimension.
Response
Returns an EmergingVulnerabilityInfo
Arguments
| Name | Description |
|---|---|
filter - EmergingVulnerabilityFilter
|
Default = null |
offset - Int!
|
Pagination - skip offset emerging vulnerabilities before returning up to limit of emerging vulnerabilities. Default = 0 |
limit - Int
|
Pagination - skip offset emerging vulnerabilities before returning up to limit of emerging vulnerabilities. Default = 10000 |
Example
Query
query emergingVulnerabilityInfo(
$filter: EmergingVulnerabilityFilter,
$offset: Int!,
$limit: Int
) {
emergingVulnerabilityInfo(
filter: $filter,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
emergingVulnerabilities {
...EmergingVulnerabilityFragment
}
}
}
Variables
{"filter": null, "offset": 0, "limit": 10000}
Response
{
"data": {
"emergingVulnerabilityInfo": {
"offset": 123,
"limit": 123,
"totalCount": 987,
"pageLength": 987,
"emergingVulnerabilities": [EmergingVulnerability]
}
}
}
emergingVulnerabilitySummaryInfo
Description
Summary information about emerging vulnerabilities. Generally these are recently revealed vulnerabilities that our analysts have manually located in our data and are not yet available as findings.
Response
Returns an EmergingVulnerabilitySummaryInfo
Arguments
| Name | Description |
|---|---|
filter - EmergingVulnerabilitySummaryFilter
|
Default = null |
evDetailFilter - EmergingVulnerabilityDetailFilter
|
Filter on EV details (companies) associated with an EV. Default = null |
offset - Int!
|
Pagination - skip offset emerging vulnerability summaries before returning up to limit of emerging vulnerability summaries. Default = 0 |
limit - Int
|
Pagination - skip offset emerging vulnerability summaries before returning up to limit of emerging vulnerability summaries. Default = 1000 |
Example
Query
query emergingVulnerabilitySummaryInfo(
$filter: EmergingVulnerabilitySummaryFilter,
$evDetailFilter: EmergingVulnerabilityDetailFilter,
$offset: Int!,
$limit: Int
) {
emergingVulnerabilitySummaryInfo(
filter: $filter,
evDetailFilter: $evDetailFilter,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
emergingVulnerabilitySummaries {
...EmergingVulnerabilitySummaryFragment
}
}
}
Variables
{"filter": null, "evDetailFilter": null, "offset": 0, "limit": 1000}
Response
{
"data": {
"emergingVulnerabilitySummaryInfo": {
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 987,
"emergingVulnerabilitySummaries": [
EmergingVulnerabilitySummary
]
}
}
}
findingInfo
Description
This is the query to get information about findings relating to companies within a client's (external_regular) portfolios.
Response
Returns a FindingInfo
Arguments
| Name | Description |
|---|---|
companyFilter - CompanyFilter
|
Filters which companies to return data for. Null indicates no restriction (except portfolioType='external_regular'). Default = null |
findingFilter - FindingFilter
|
Filter the findings to return. Null indicates no restriction. Default = null |
allowedAction - FilterAllowedAction
|
Filter by allowed action. Default 'view'. |
offset - Int!
|
Pagination - skip offset findings before returning up to limit of findings. Default = 0 |
limit - Int
|
Pagination - skip offset findings before returning up to limit of findings. Default = 1000 |
Example
Query
query findingInfo(
$companyFilter: CompanyFilter,
$findingFilter: FindingFilter,
$allowedAction: FilterAllowedAction,
$offset: Int!,
$limit: Int
) {
findingInfo(
companyFilter: $companyFilter,
findingFilter: $findingFilter,
allowedAction: $allowedAction,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
findings {
...FindingFragment
}
}
}
Variables
{
"companyFilter": null,
"findingFilter": null,
"allowedAction": "view",
"offset": 0,
"limit": 1000
}
Response
{
"data": {
"findingInfo": {
"offset": 987,
"limit": 123,
"totalCount": 987,
"pageLength": 123,
"findings": [Finding]
}
}
}
globalClientConfigurationInfo
Description
Returns the client configuration for all commercial TPRM clients. This endpoint can only be accessed with a special role.
Response
Returns a GlobalClientConfigurationInfo
Arguments
| Name | Description |
|---|---|
filter - GlobalClientConfigurationFilter
|
All fields that can be filtered on |
sortBy - [GlobalClientConfigurationSortBy]
|
Sort returned clients by specified fields and directions |
offset - Int!
|
Pagination - skip offset number of client configuration items before returning up to limit number of items. Default = 0 |
limit - Int
|
Pagination - skip offset number of client configuration items before returning up to limit number of items. Default = 1000 |
Example
Query
query globalClientConfigurationInfo(
$filter: GlobalClientConfigurationFilter,
$sortBy: [GlobalClientConfigurationSortBy],
$offset: Int!,
$limit: Int
) {
globalClientConfigurationInfo(
filter: $filter,
sortBy: $sortBy,
offset: $offset,
limit: $limit
) {
totalCount
pageLength
clientConfigurations {
...GlobalClientConfigurationFragment
}
}
}
Variables
{
"filter": GlobalClientConfigurationFilter,
"sortBy": [GlobalClientConfigurationSortBy],
"offset": 0,
"limit": 1000
}
Response
{
"data": {
"globalClientConfigurationInfo": {
"totalCount": 123,
"pageLength": 123,
"clientConfigurations": [GlobalClientConfiguration]
}
}
}
globalUserInfo
Description
Get information about all CDP and TPRM users across clients. This endpoint is restricted to a special role.
Response
Returns a GlobalUserInfo
Arguments
| Name | Description |
|---|---|
filter - UserFilter
|
Filter users returned by various criteria. Default = null |
offset - Int!
|
Pagination - skip offset users before returning up to limit of users. Default = 0 |
limit - Int
|
Pagination - skip offset users before returning up to limit of users. Default = 200 |
Example
Query
query globalUserInfo(
$filter: UserFilter,
$offset: Int!,
$limit: Int
) {
globalUserInfo(
filter: $filter,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
users {
...UserClientsFragment
}
}
}
Variables
{"filter": null, "offset": 0, "limit": 200}
Response
{
"data": {
"globalUserInfo": {
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"users": [UserClients]
}
}
}
groupInfo
Description
Get information about Okta groups that can be assigned to users of the portals and TPRM API. This endpoint is restricted to admin users.
Response
Returns a GroupInfo
Arguments
| Name | Description |
|---|---|
filter - GroupFilter
|
Filter groups returned by various criteria. Default = null |
offset - Int!
|
Pagination - skip offset groups before returning up to limit of groups. Default = 0 |
limit - Int
|
Pagination - skip offset groups before returning up to limit of groups. Default = 200 |
Example
Query
query groupInfo(
$filter: GroupFilter,
$offset: Int!,
$limit: Int
) {
groupInfo(
filter: $filter,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
groups {
...GroupFragment
}
}
}
Variables
{"filter": null, "offset": 0, "limit": 200}
Response
{
"data": {
"groupInfo": {
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"groups": [Group]
}
}
}
insightsInfo
Description
Get insights about companies. Each field of InsightsInfo will identify what date field the filter applies to, or whether the startDate/endDate apply at all. Additional filters are available on some subqueries.
** Experimental **
Response
Returns an InsightsInfo
Arguments
| Name | Description |
|---|---|
startDate - String!
|
Start date should be in YYYY-MM-DD format or may be left as an empty string |
endDate - String!
|
End date should be in YYYY-MM-DD format or may be left as an empty string |
filter - PortfolioAttributeFilter
|
Limit results by portfolios, attributes, and or BV IDs. Default = null |
Example
Query
query insightsInfo(
$startDate: String!,
$endDate: String!,
$filter: PortfolioAttributeFilter
) {
insightsInfo(
startDate: $startDate,
endDate: $endDate,
filter: $filter
) {
fourthPartyExposure {
...ExposureDataWithCompanyInfoFragment
}
pdnsVendorDependency {
...PdnsVendorDependencyInfoFragment
}
vendorDependency {
...VendorDependencyInfoFragment
}
vendorDependencyLegacy {
...VendorDependencyLegacyInfoFragment
}
categorySummarizedCount {
...CategorySummarizedCountInfoFragment
}
vendorSummarizedCount {
...VendorSummarizedCountInfoFragment
}
productSummarizedCount {
...ProductSummarizedCountInfoFragment
}
companiesSummarizedCount {
...CompanySummarizedCountInfoFragment
}
vendorDependencyCountsPerCategory {
...VendorDependencyCountsPerCategoryInfoFragment
}
vendorDependencyCountsPerVendor {
...VendorDependencyCountsPerVendorInfoFragment
}
vendorDependencyCountsPerProduct {
...VendorDependencyCountsPerProductInfoFragment
}
emailSaasInsights {
...EmailSaasInsightsInfoFragment
}
emailSaasDomainWithoutSecurity {
...EmailSaasInsightsInfoFragment
}
bannerBusterInsights {
...BannerBusterInsightsInfoFragment
}
businessRisk {
...BusinessRiskInsightInfoFragment
}
cveCatalog {
...CVECatalogRollupInfoFragment
}
cveCatalogGeneric {
...CVECatalogGenericInfoFragment
}
}
}
Variables
{
"startDate": "abc123",
"endDate": "xyz789",
"filter": null
}
Response
{
"data": {
"insightsInfo": {
"fourthPartyExposure": ExposureDataWithCompanyInfo,
"pdnsVendorDependency": PdnsVendorDependencyInfo,
"vendorDependency": VendorDependencyInfo,
"vendorDependencyLegacy": VendorDependencyLegacyInfo,
"categorySummarizedCount": CategorySummarizedCountInfo,
"vendorSummarizedCount": VendorSummarizedCountInfo,
"productSummarizedCount": ProductSummarizedCountInfo,
"companiesSummarizedCount": CompanySummarizedCountInfo,
"vendorDependencyCountsPerCategory": VendorDependencyCountsPerCategoryInfo,
"vendorDependencyCountsPerVendor": VendorDependencyCountsPerVendorInfo,
"vendorDependencyCountsPerProduct": VendorDependencyCountsPerProductInfo,
"emailSaasInsights": EmailSaasInsightsInfo,
"emailSaasDomainWithoutSecurity": EmailSaasInsightsInfo,
"bannerBusterInsights": BannerBusterInsightsInfo,
"businessRisk": BusinessRiskInsightInfo,
"cveCatalog": CVECatalogRollupInfo,
"cveCatalogGeneric": CVECatalogGenericInfo
}
}
}
ipSearchInfo
Description
Search footprints of your monitored companies for specific IP addresses
Response
Returns an IpSearchInfo
Arguments
| Name | Description |
|---|---|
filter - IpSearchFilter
|
All fields allowed to filter on. Default = null |
offset - Int!
|
Pagination - skip offset number of risk event items before returning up to limit number of items. Default = 0 |
limit - Int
|
Pagination - skip offset number of risk event items before returning up to limit number of items. Default = 1000 |
Example
Query
query ipSearchInfo(
$filter: IpSearchFilter,
$offset: Int!,
$limit: Int
) {
ipSearchInfo(
filter: $filter,
offset: $offset,
limit: $limit
) {
totalCount
pageLength
ipSearch {
...IpSearchFragment
}
}
}
Variables
{"filter": null, "offset": 0, "limit": 1000}
Response
{
"data": {
"ipSearchInfo": {
"totalCount": 123,
"pageLength": 987,
"ipSearch": [IpSearch]
}
}
}
isInternal
Description
Returns true when this endpoint is the internal-prod tier, confirming that internal-only queries are available. Blocked on the public API.
Response
Returns a Boolean!
Example
Query
query isInternal {
isInternal
}
Response
{"data": {"isInternal": false}}
myClients
Description
Get all TPRM clients associated with the current user
Response
Returns [ClientMini!]
Example
Query
query myClients {
myClients {
clientUuid
clientName
defaultFlag
realmId
bvgsCustomerId
}
}
Response
{
"data": {
"myClients": [
{
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"clientName": "abc123",
"defaultFlag": true,
"realmId": "abc123",
"bvgsCustomerId": 123
}
]
}
}
myUser
Use myUserV1
Description
Get information about the current user associated with the client. Not all fields in the User object are available. Only the following fields can be requested: bvid, businessPhoneNumber, email, firstName, hasScd, hasTPRM, jobTitle, lastLoginTS, lastName, mobilePhoneNumber, primaryName, realmId, ssoManagedFlag, status, temporaryAdminExpirationTS, temporaryAdminFlag, username, userCategory, userClass, userType, uuid, functions:*, groups:description, groups:name, groups:uuid, roles:description, roles:name, roles:uuid, roles:policyPermissions:*. Deprecated
Response
Returns a User!
Arguments
| Name | Description |
|---|---|
includeCdpOnly - Boolean
|
If includeCdpOnly is false, the user is only returned if it has TPRM. If true, the user will be returned even if it only has CDP. |
Example
Query
query myUser($includeCdpOnly: Boolean) {
myUser(includeCdpOnly: $includeCdpOnly) {
uuid
username
firstName
lastName
email
status
userType
userCategory
userClass
bvid
primaryName
jobTitle
businessPhoneNumber
mobilePhoneNumber
ssoManagedFlag
lastLoginTS
createdTS
updatedTS
createdBy
updatedBy
realmId
hasScd
hasTPRM
roles {
...RoleFragment
}
groups {
...GroupFragment
}
functions {
...FunctionFragment
}
temporaryAdminFlag
temporaryAdminExpirationTS
}
}
Variables
{"includeCdpOnly": false}
Response
{
"data": {
"myUser": {
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"username": "xyz789",
"firstName": "xyz789",
"lastName": "xyz789",
"email": "xyz789",
"status": "STAGED",
"userType": "abc123",
"userCategory": "External",
"userClass": "Client",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "xyz789",
"jobTitle": "xyz789",
"businessPhoneNumber": "abc123",
"mobilePhoneNumber": "xyz789",
"ssoManagedFlag": false,
"lastLoginTS": "abc123",
"createdTS": "abc123",
"updatedTS": "xyz789",
"createdBy": "xyz789",
"updatedBy": "abc123",
"realmId": "abc123",
"hasScd": true,
"hasTPRM": true,
"roles": [Role],
"groups": [Group],
"functions": [Function],
"temporaryAdminFlag": false,
"temporaryAdminExpirationTS": "2023-09-29T18:59:37Z"
}
}
}
myUserV1
Description
Get information about the current user associated with the client.
Response
Returns a UserData!
Example
Query
query myUserV1 {
myUserV1 {
user {
...UserBaseFragment
}
roles {
...RoleBaseFragment
}
roleGroups {
...RoleGroupDataRolesOnlyFragment
}
groups {
...GroupFragment
}
resourcePermissions {
...UserResourcePermissionFragment
}
}
}
Response
{
"data": {
"myUserV1": {
"user": UserBase,
"roles": [RoleBase],
"roleGroups": [RoleGroupDataRolesOnly],
"groups": [Group],
"resourcePermissions": [UserResourcePermission]
}
}
}
portfolioInfo
Description
Return portfolio with count
Response
Returns a PortfolioInfo
Arguments
| Name | Description |
|---|---|
filter - PortfolioFilter
|
Filters which portfolios to return. Null indicates no restriction, EXCEPT by portfolioType. Default = null |
allowedAction - FilterAllowedAction
|
Filter by allowed action. Default 'view'. |
offset - Int!
|
Default = 0 |
limit - Int
|
Default = 1000 |
Example
Query
query portfolioInfo(
$filter: PortfolioFilter,
$allowedAction: FilterAllowedAction,
$offset: Int!,
$limit: Int
) {
portfolioInfo(
filter: $filter,
allowedAction: $allowedAction,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
portfolios {
...PortfolioDataFragment
}
}
}
Variables
{"filter": null, "allowedAction": "view", "offset": 0, "limit": 1000}
Response
{
"data": {
"portfolioInfo": {
"offset": 123,
"limit": 987,
"totalCount": 987,
"pageLength": 123,
"portfolios": [PortfolioData]
}
}
}
portfoliosAuditLog
Description
Return portfolio audit log data with count. This endpoint is restricted to users with manager (and higher-level) roles.
Response
Returns a PortfoliosAuditLog
Example
Query
query portfoliosAuditLog(
$offset: Int!,
$limit: Int
) {
portfoliosAuditLog(
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
portfoliosAuditLog {
...PortfoliosAuditLogDataFragment
}
}
}
Variables
{"offset": 0, "limit": 1000}
Response
{
"data": {
"portfoliosAuditLog": {
"offset": 987,
"limit": 123,
"totalCount": 987,
"pageLength": 123,
"portfoliosAuditLog": [PortfoliosAuditLogData]
}
}
}
riskFilterInfo
Description
Get information about client risk filters. Risk filters are used to generate ServiceNOW cases based on a set of conditions, or match rules. Match rules in the same risk filter are ANDed together. This endpoint is restricted to users with manager (and higher-level) roles.
Response
Returns a RiskFilterInfo
Arguments
| Name | Description |
|---|---|
filter - RiskFilterFilter
|
Fields to filter results by. Default = null |
offset - Int!
|
Pagination - skip offset risk filters before returning up to limit. Default = 0 |
limit - Int
|
Pagination - skip offset risk filters before returning up to limit. Default = 200 |
sortBy - [RiskFilterSortBy!]
|
Fields to sort by |
Example
Query
query riskFilterInfo(
$filter: RiskFilterFilter,
$offset: Int!,
$limit: Int,
$sortBy: [RiskFilterSortBy!]
) {
riskFilterInfo(
filter: $filter,
offset: $offset,
limit: $limit,
sortBy: $sortBy
) {
offset
limit
totalCount
pageLength
riskFilters {
...RiskFilterFragment
}
}
}
Variables
{
"filter": null,
"offset": 0,
"limit": 200,
"sortBy": [RiskFilterSortBy]
}
Response
{
"data": {
"riskFilterInfo": {
"offset": 123,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"riskFilters": [RiskFilter]
}
}
}
roleGroupInfo
Description
Get information about TPRM role groups that can be assigned to users of the portals and TPRM API. This endpoint is restricted to admin users.
Response
Returns a RoleGroupInfo
Arguments
| Name | Description |
|---|---|
allClientsFlag - Boolean
|
Get role groups across all clients. This field is restricted to a special role. |
filter - RoleGroupFilter
|
Filter role groups returned by various criteria. Default = null |
sortBy - [RoleGroupSortBy]
|
Sort role groups. Default = null |
offset - Int!
|
Pagination - skip offset roles before returning up to limit of role groups. Default = 0 |
limit - Int
|
Pagination - skip offset roles before returning up to limit of role groups. Default = 200 |
Example
Query
query roleGroupInfo(
$allClientsFlag: Boolean,
$filter: RoleGroupFilter,
$sortBy: [RoleGroupSortBy],
$offset: Int!,
$limit: Int
) {
roleGroupInfo(
allClientsFlag: $allClientsFlag,
filter: $filter,
sortBy: $sortBy,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
roleGroups {
...RoleGroupDataFragment
}
}
}
Variables
{
"allClientsFlag": false,
"filter": null,
"sortBy": null,
"offset": 0,
"limit": 200
}
Response
{
"data": {
"roleGroupInfo": {
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"roleGroups": [RoleGroupData]
}
}
}
roleInfo
Description
Get information about TPRM roles that can be assigned to users of the portals and TPRM API. This endpoint is restricted to admin users.
Response
Returns a RoleInfo
Arguments
| Name | Description |
|---|---|
filter - RoleFilter
|
Filter roles returned by various criteria. Default = null |
offset - Int!
|
Pagination - skip offset roles before returning up to limit of roles. Default = 0 |
limit - Int
|
Pagination - skip offset roles before returning up to limit of roles. Default = 200 |
Example
Query
query roleInfo(
$filter: RoleFilter,
$offset: Int!,
$limit: Int
) {
roleInfo(
filter: $filter,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
roles {
...RoleFragment
}
roleData {
...RoleDataFragment
}
}
}
Variables
{"filter": null, "offset": 0, "limit": 200}
Response
{
"data": {
"roleInfo": {
"offset": 123,
"limit": 987,
"totalCount": 987,
"pageLength": 123,
"roles": [Role],
"roleData": [RoleData]
}
}
}
rolePolicyPermissionInfo
Description
Get information about policy permissions that form the basis of TPRM roles for the portals and TPRM API. This endpoint is restricted to admin users.
Response
Returns a RolePolicyPermissionInfo
Arguments
| Name | Description |
|---|---|
filter - RolePolicyPermissionFilter
|
Filter policy permissions returned by various criteria. Default = null |
Example
Query
query rolePolicyPermissionInfo($filter: RolePolicyPermissionFilter) {
rolePolicyPermissionInfo(filter: $filter) {
policyPermissions {
...RolePolicyPermissionFragment
}
}
}
Variables
{"filter": null}
Response
{
"data": {
"rolePolicyPermissionInfo": {
"policyPermissions": [RolePolicyPermission]
}
}
}
screenedCompanyInfo
Description
Get limited company information for companies under Cyber Screening. This endpoint is restricted to users with analyst (and higher-level) roles.
Response
Returns a ScreenedCompanyInfo
Arguments
| Name | Description |
|---|---|
filter - ScreenedCompanyFilter
|
Default = null |
sortBy - [ScreenedCompanySortBy!]
|
Default = null |
offset - Int!
|
Pagination - skip offset number of screened companies before returning up to limit number of items. Default = 0 |
limit - Int
|
Pagination - skip offset number of screened companies before returning up to limit number of items. Default = 1000 |
Example
Query
query screenedCompanyInfo(
$filter: ScreenedCompanyFilter,
$sortBy: [ScreenedCompanySortBy!],
$offset: Int!,
$limit: Int
) {
screenedCompanyInfo(
filter: $filter,
sortBy: $sortBy,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
companies {
...ScreenedCompanyFragment
}
}
}
Variables
{"filter": null, "sortBy": null, "offset": 0, "limit": 1000}
Response
{
"data": {
"screenedCompanyInfo": {
"offset": 987,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"companies": [ScreenedCompany]
}
}
}
timeseries
Description
Get some time series data from between the start and end dates. Each metric may or may not additionally support filtering on portfolio, attribute or BV ID. If the parameter is used to filter the data it will be echoed back in the response for that metric. If it is not used it will be ignored. If portfolioUuids, attributes, and bvids are not specified, statistics are included regardless of whether the associated companies are still in the client's portfolios.
Response
Returns an AvailableTimeSeries!
Arguments
| Name | Description |
|---|---|
startDate - String!
|
Start of the time series. Date is in 'YYYY-MM-DD' format |
endDate - String!
|
End of the time series. Date is in 'YYYY-MM-DD' format |
portfolioType - PortfolioType
|
The time series will be limited to the specified portfolio type, which is 'external_regular' |
bvids - [UUID!]
|
If provided, the time series will be limited to the specified BV IDs |
portfolioUuids - [UUID!]
|
If provided, the time series will be limited to those BV IDs that are currently in the client's portfolios associated with the specified portfolio UUIDs |
attributes - [String!]
|
If provided, the time series will be limited to those BV IDs that are currently in the client's portfolios and associated with the specified attributes (which match case-sensitively, and exactly) |
Example
Query
query timeseries(
$startDate: String!,
$endDate: String!,
$portfolioType: PortfolioType,
$bvids: [UUID!],
$portfolioUuids: [UUID!],
$attributes: [String!]
) {
timeseries(
startDate: $startDate,
endDate: $endDate,
portfolioType: $portfolioType,
bvids: $bvids,
portfolioUuids: $portfolioUuids,
attributes: $attributes
) {
countEscalatedCases {
...TimeSeriesFragment
}
countResolvedCases {
...TimeSeriesFragment
}
countCompaniesEscalatedCases {
...TimeSeriesFragment
}
countCompaniesExceedingRisk {
...TimeSeriesFragment
}
meanScore {
...TimeSeriesFragment
}
totalPortfolioSize {
...TimeSeriesFragment
}
criticalCompanies {
...TimeSeriesFragment
}
highCompanies {
...TimeSeriesFragment
}
mediumCompanies {
...TimeSeriesFragment
}
lowCompanies {
...TimeSeriesFragment
}
}
}
Variables
{
"startDate": "2023-01-31",
"endDate": "2023-03-31",
"portfolioType": "external_regular",
"bvids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"attributes": ["abc123"]
}
Response
{
"data": {
"timeseries": {
"countEscalatedCases": TimeSeries,
"countResolvedCases": TimeSeries,
"countCompaniesEscalatedCases": TimeSeries,
"countCompaniesExceedingRisk": TimeSeries,
"meanScore": TimeSeries,
"totalPortfolioSize": TimeSeries,
"criticalCompanies": TimeSeries,
"highCompanies": TimeSeries,
"mediumCompanies": TimeSeries,
"lowCompanies": TimeSeries
}
}
}
userClients
Description
Get client(s) associated with user. This endpoint is restricted to superadmin users.
Response
Returns [ClientMini!]
Arguments
| Name | Description |
|---|---|
userUuid - UUID!
|
Example
Query
query userClients($userUuid: UUID!) {
userClients(userUuid: $userUuid) {
clientUuid
clientName
defaultFlag
realmId
bvgsCustomerId
}
}
Variables
{
"userUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
Response
{
"data": {
"userClients": [
{
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"clientName": "xyz789",
"defaultFlag": false,
"realmId": "abc123",
"bvgsCustomerId": 123
}
]
}
}
userInfo
Description
Get information about users of the portals and TPRM API. This endpoint is restricted to admin users.
Response
Returns a UserInfo
Arguments
| Name | Description |
|---|---|
filter - UserFilter
|
Filter users returned by various criteria. Default = null |
realmId - String
|
Deprecated. The users for the client UUID or realm ID in the URL will be displayed. |
offset - Int!
|
Pagination - skip offset users before returning up to limit of users. Default = 0 |
limit - Int
|
Pagination - skip offset users before returning up to limit of users. Default = 200 |
Example
Query
query userInfo(
$filter: UserFilter,
$realmId: String,
$offset: Int!,
$limit: Int
) {
userInfo(
filter: $filter,
realmId: $realmId,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
users {
...UserFragment
}
userData {
...UserDataFragment
}
}
}
Variables
{
"filter": null,
"realmId": "abc123",
"offset": 0,
"limit": 200
}
Response
{
"data": {
"userInfo": {
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"users": [User],
"userData": [UserData]
}
}
}
vendorContactInfo
Description
Get vendor contacts (contacts at vendor/monitored companies) responsible for escalations for the company
Response
Returns a VendorContactInfo
Arguments
| Name | Description |
|---|---|
filter - ContactFilter
|
Filters which contacts to return. Default = null |
allowedAction - FilterAllowedAction
|
Filter by allowed action. Default 'view'. |
offset - Int!
|
Pagination - skip offset contacts before returning up to limit of companies. Default = 0 |
limit - Int
|
Pagination - skip offset contacts before returning up to limit of companies. Default = 1000 |
Example
Query
query vendorContactInfo(
$filter: ContactFilter,
$allowedAction: FilterAllowedAction,
$offset: Int!,
$limit: Int
) {
vendorContactInfo(
filter: $filter,
allowedAction: $allowedAction,
offset: $offset,
limit: $limit
) {
offset
limit
totalCount
pageLength
vendorContacts {
...VendorContactFragment
}
}
}
Variables
{"filter": null, "allowedAction": "view", "offset": 0, "limit": 1000}
Response
{
"data": {
"vendorContactInfo": {
"offset": 123,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"vendorContacts": [VendorContact]
}
}
}
Mutations
adminOff
Description
Revoke temporary admin privileges. This endpoint is restricted to users with the 'can_admin' role policy permission.
Response
Returns a Response!
Example
Query
mutation adminOff {
adminOff {
code
message
}
}
Response
{
"data": {
"adminOff": {
"code": 987,
"message": "xyz789"
}
}
}
adminOn
Description
Temporarily assume admin privileges. This endpoint is restricted to users with the 'can_admin' role policy permission. Default time permitted: 30 minutes. Maximum time permitted: 180 minutes
Example
Query
mutation adminOn($durationMinutes: Float) {
adminOn(durationMinutes: $durationMinutes) {
code
message
}
}
Variables
{"durationMinutes": 987.65}
Response
{
"data": {
"adminOn": {
"code": 123,
"message": "abc123"
}
}
}
apiKeyRevoke
Description
Will revoke the specified API key The key provided must match the key in the X-BlueVoyant-Auth header.
cdpClientCreate
Description
Create a new CDP client in the TPRM CDP client table with a name, cdpId (Salesforce ID), realmId, and optionally a TPRM clientUuid. This endpoint can only be accessed with a special role. If the TPRM clientUuid is provided, the associated record in the TPRM customer table will also be updated with the matching realmId.
Expected GraphQL error responses:
- 400 | Missing name, cdpId, or realmId
- 409 | A CDP client with this cdpId already exists
Response
Returns a CdpClient!
Arguments
| Name | Description |
|---|---|
input - CdpClientToAdd!
|
Example
Query
mutation cdpClientCreate($input: CdpClientToAdd!) {
cdpClientCreate(input: $input) {
id
cdpId
name
realmId
clientUuid
createdTS
updatedTS
createdBy
updatedBy
}
}
Variables
{"input": CdpClientToAdd}
Response
{
"data": {
"cdpClientCreate": {
"id": 123,
"cdpId": "xyz789",
"name": "abc123",
"realmId": "abc123",
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"createdTS": "-",
"updatedTS": "-",
"createdBy": "abc123",
"updatedBy": "xyz789"
}
}
}
cdpClientUpdate
Description
Update an existing CDP client in the TPRM CDP client table by either its cdpIdToLookup (Salesforce ID) or id (internal). This endpoint can only be accessed with a special role. If the TPRM clientUuid exists or is added/changed, the associated record(s) in the TPRM customer table will also be updated with the matching realmId (or the realmId will be removed).
Expected GraphQL error responses:
- 400 | Both cdpIdToLookup and id provided, or neither provided, or empty name provided, or no fields provided to update
- 404 | CDP client not found (by id or cdpIdToLookup)
- 409 | New cdpId already belongs to another CDP client
- 410 | Bad TPRM clientUuid provided
Expected responses within CdpClientResponse:
- 200 | OK
- 206 | Existing TPRM clientUuid is invalid, so TPRM client table will not be updated for that clientUuid, but the update to the CDP client table succeeded
Response
Returns a CdpClientResponse!
Arguments
| Name | Description |
|---|---|
input - CdpClientToUpdate!
|
Example
Query
mutation cdpClientUpdate($input: CdpClientToUpdate!) {
cdpClientUpdate(input: $input) {
code
message
success
cdpClient {
...CdpClientFragment
}
}
}
Variables
{"input": CdpClientToUpdate}
Response
{
"data": {
"cdpClientUpdate": {
"code": 987,
"message": "abc123",
"success": false,
"cdpClient": CdpClient
}
}
}
clientContactBulkCompanyUpdate
Description
Add, update, or delete company relationships for a specified client contact and filtered companies. This endpoint is restricted to users with analyst (and higher-level) roles.
Response
Returns a ClientContactBulkUpdate
Arguments
| Name | Description |
|---|---|
companyFilter - CompanyFilter!
|
Filters which companies for which to add, update, or delete relationships with a client contact. Null indicates no restriction, EXCEPT by portfolioType, which is 'external_regular' by default. At least one other filter is required. |
clientContactLookup - ClientContactLookup!
|
Client contact for which to add, update, or delete company relationships |
addCompanyRelationships - Boolean
|
Add or update company relationships to the contact. (Either addCompanyRelationships or deleteCompanyRelationships is required.). Default = false |
deleteCompanyRelationships - Boolean
|
Delete company relationships from the contact. (Either addCompanyRelationships or deleteCompanyRelationships is required.). Default = false |
escalationPreference - AddressType
|
Recipient field for contact's email address for the filtered companies : 'to' or 'cc' (primary/notification). (Required if addCompanyRelationships is specified) |
ignoreHarmlessErrors - Boolean
|
If true, ignore errors when trying to add company relationships that already exist, or trying to delete company relationships that don't exist. Existing relationships will have their escalation preferences updated if true. Default = false |
createNewClientContact - Boolean
|
If email doesn't exist and createNewClientContact is false, don't create a new client contact. Otherwise, create it and add any matching companies. Default = false |
Example
Query
mutation clientContactBulkCompanyUpdate(
$companyFilter: CompanyFilter!,
$clientContactLookup: ClientContactLookup!,
$addCompanyRelationships: Boolean,
$deleteCompanyRelationships: Boolean,
$escalationPreference: AddressType,
$ignoreHarmlessErrors: Boolean,
$createNewClientContact: Boolean
) {
clientContactBulkCompanyUpdate(
companyFilter: $companyFilter,
clientContactLookup: $clientContactLookup,
addCompanyRelationships: $addCompanyRelationships,
deleteCompanyRelationships: $deleteCompanyRelationships,
escalationPreference: $escalationPreference,
ignoreHarmlessErrors: $ignoreHarmlessErrors,
createNewClientContact: $createNewClientContact
) {
clientContact {
...ClientContactFragment
}
statuses {
...CompanyBulkUpdateStatusFragment
}
}
}
Variables
{
"companyFilter": "An example at this level does nothing, stuff them on the fields",
"clientContactLookup": ClientContactLookup,
"addCompanyRelationships": false,
"deleteCompanyRelationships": false,
"escalationPreference": "to",
"ignoreHarmlessErrors": false,
"createNewClientContact": false
}
Response
{
"data": {
"clientContactBulkCompanyUpdate": {
"clientContact": ClientContact,
"statuses": [CompanyBulkUpdateStatus]
}
}
}
clientContactCreate
Description
Create a client contact - a contact who works at the client and is responsible for escalations. This endpoint is restricted to users with analyst (and higher-level) roles.
Response
Returns a ClientContact!
Arguments
| Name | Description |
|---|---|
input - ClientContactToAdd!
|
Example
Query
mutation clientContactCreate($input: ClientContactToAdd!) {
clientContactCreate(input: $input) {
id
contactName
email
businessPhoneNumber
jobTitle
createdTS
updatedTS
createdBy
updatedBy
companyRelationshipInfo {
...ClientContactCompanyRelationshipInfoFragment
}
}
}
Variables
{"input": ClientContactToAdd}
Response
{
"data": {
"clientContactCreate": {
"id": 987,
"contactName": "abc123",
"email": "xyz789",
"businessPhoneNumber": "xyz789",
"jobTitle": "abc123",
"createdTS": "xyz789",
"updatedTS": "xyz789",
"createdBy": "abc123",
"updatedBy": "xyz789",
"companyRelationshipInfo": ClientContactCompanyRelationshipInfo
}
}
}
clientContactUpdate
Description
Update a client contact - a contact who works at the client and is responsible for escalations. This endpoint is restricted to users with analyst (and higher-level) roles.
Response
Returns a ClientContact!
Arguments
| Name | Description |
|---|---|
input - ClientContactToUpdate!
|
Example
Query
mutation clientContactUpdate($input: ClientContactToUpdate!) {
clientContactUpdate(input: $input) {
id
contactName
email
businessPhoneNumber
jobTitle
createdTS
updatedTS
createdBy
updatedBy
companyRelationshipInfo {
...ClientContactCompanyRelationshipInfoFragment
}
}
}
Variables
{"input": ClientContactToUpdate}
Response
{
"data": {
"clientContactUpdate": {
"id": 987,
"contactName": "abc123",
"email": "xyz789",
"businessPhoneNumber": "xyz789",
"jobTitle": "xyz789",
"createdTS": "xyz789",
"updatedTS": "abc123",
"createdBy": "abc123",
"updatedBy": "xyz789",
"companyRelationshipInfo": ClientContactCompanyRelationshipInfo
}
}
}
clientEntityDataUpdate
Description
Add/update/delete one or more client entity IDs with optional names and domains for a single company. Returns all client entity data associated with the specified company after the change. This endpoint is restricted to users with analyst (and higher-level) roles.
Expected error responses:
- 400 | Missing fields, mismatch between client entity ID and BV ID, or duplicates in input
- 404 | Client entity ID data to update or delete not found
- 409 | Client entity ID would be a duplicate, or no change
- 410 | Company not found in client's portfolios
- 500 | Internal server error
Response
Returns [ClientEntityData!]
Arguments
| Name | Description |
|---|---|
input - ClientEntityDataUpdate!
|
Example
Query
mutation clientEntityDataUpdate($input: ClientEntityDataUpdate!) {
clientEntityDataUpdate(input: $input) {
id
clientEntityId
clientEntityName
clientEntityDomain
createdBy
createdTS
updatedBy
updatedTS
}
}
Variables
{"input": ClientEntityDataUpdate}
Response
{
"data": {
"clientEntityDataUpdate": [
{
"id": 123,
"clientEntityId": "abc123",
"clientEntityName": "xyz789",
"clientEntityDomain": "abc123",
"createdBy": "abc123",
"createdTS": "-",
"updatedBy": "abc123",
"updatedTS": "-"
}
]
}
}
companyBulkUpdate
Description
Filter companies and either move the matched companies to a destination portfolio (with moveCompaniesToPortfolio set to true and destinationPortfolioUuid set), delete the matched companies (with deleteCompaniesFromPortfolios set to true), add an attribute to the matched companies (with attributeToAdd specified) or delete an attribute from the matched companies (with attributeToDelete specified). This endpoint is restricted to users with manager (and higher-level) roles.
Expected status responses (overall):
- 204 | No companies matched criteria
- 206 | Total count of companies matching criteria is larger than number of companies affected
- 400 | Bad request (including size of matched companies too large to update)
- 404 | Destination portfolio not found
- 412 | No companies match filter criteria
CompanyBulkUpdateStatus: Possible status for each BVID with moveCompaniesToPortfolio:
- 200 | OK (company moved successfully)
- 409 | BVID is already in the destination portfolio
- 410 | BVID is not in a portfolio (but matched initially)
- 422 | BVID is not unique across portfolios
- 428 | Quota would be exceeded
- 500 | Internal server error
CompanyBulkUpdateStatus: Possible status for each BVID with deleteCompaniesFromPortfolios:
- 200 | OK (company deleted successfully)
- 410 | BVID already is not in a portfolio (but matched initially)
- 422 | BVID is not unique across portfolios
- 423 | Currently can't delete BVID from an unmonitored portfolio
- 500 | Internal server error
CompanyBulkUpdateStatus: Possible status for each BVID with attributeToAdd:
- 200 | OK (company deleted successfully)
- 409 | Duplicate attribute, with an exact or case-insensitive match (Attributes are unique case-insensitively on a company)
- 500 | Internal server error
CompanyBulkUpdateStatus: Possible status for each BVID with attributeToDelete:
- 200 | OK (company deleted successfully)
- 404 | Attribute not found
- 500 | Internal server error
Response
Returns a CompanyBulkUpdate
Arguments
| Name | Description |
|---|---|
filter - CompanyFilter!
|
Required filter. Filters which company or companies to update or delete. At least one filter criterion other than portfolioType, which is 'external_regular' by default, must be specified. |
offset - Int!
|
Pagination - skip offset companies before matching up to limit of companies. Default = 0 |
limit - Int
|
Pagination - skip offset companies before matching up to limit of companies. Only 1000 companies can be updated at a time. Default = 1000 |
moveCompaniesToPortfolio - Boolean
|
If true, move the filtered companies to the portfolio specified in destinationPortfolioUuid. Default = false |
deleteCompaniesFromPortfolios - Boolean
|
If true, delete the filtered companies from the client's portfolios. Default = false |
destinationPortfolioUuid - UUID
|
With moveCompaniesToPortfolio, move filtered companies to the specified portfolio |
attributeToAdd - String
|
If specified, add this attribute to all filtered companies |
attributeToDelete - String
|
If specified, delete this attribute from all filtered companies |
ignoreHarmlessErrors - Boolean
|
If true, when moving companies to a portfolio, ignore errors if a company is already in the portfolio (409). If true, when deleting companies, ignore errors if a company is already not in the client's portfolios (410). If true, when adding an attribute, ignore errors if the attribute already exists on the company and is an exact match (409). Adding an attribute that matches an existing one but does not match its case (409) is not considered a harmless error. If true, when deleting an attribute, ignore errors if the attribute (exactly matching by case) already does not exist (404). Default = |
Example
Query
mutation companyBulkUpdate(
$filter: CompanyFilter!,
$offset: Int!,
$limit: Int,
$moveCompaniesToPortfolio: Boolean,
$deleteCompaniesFromPortfolios: Boolean,
$destinationPortfolioUuid: UUID,
$attributeToAdd: String,
$attributeToDelete: String,
$ignoreHarmlessErrors: Boolean
) {
companyBulkUpdate(
filter: $filter,
offset: $offset,
limit: $limit,
moveCompaniesToPortfolio: $moveCompaniesToPortfolio,
deleteCompaniesFromPortfolios: $deleteCompaniesFromPortfolios,
destinationPortfolioUuid: $destinationPortfolioUuid,
attributeToAdd: $attributeToAdd,
attributeToDelete: $attributeToDelete,
ignoreHarmlessErrors: $ignoreHarmlessErrors
) {
offset
limit
totalCount
pageLength
succeededCount
failedCount
statuses {
...CompanyBulkUpdateStatusFragment
}
}
}
Variables
{
"filter": "An example at this level does nothing, stuff them on the fields",
"offset": 0,
"limit": 1000,
"moveCompaniesToPortfolio": false,
"deleteCompaniesFromPortfolios": false,
"destinationPortfolioUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"attributeToAdd": "abc123",
"attributeToDelete": "xyz789",
"ignoreHarmlessErrors": false
}
Response
{
"data": {
"companyBulkUpdate": {
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 987,
"succeededCount": 123,
"failedCount": 123,
"statuses": [CompanyBulkUpdateStatus]
}
}
}
companyRequestCancel
Description
Cancel a request to add a company to the system and portfolio, only if it has 'Received' status. This endpoint is restricted to users with manager (and higher-level) roles.
Response
Returns a CompanyRequestResponse!
Arguments
| Name | Description |
|---|---|
input - CompanyRequestToCancel!
|
Example
Query
mutation companyRequestCancel($input: CompanyRequestToCancel!) {
companyRequestCancel(input: $input) {
code
message
success
companyRequest {
...CompanyRequestFragment
}
}
}
Variables
{"input": CompanyRequestToCancel}
Response
{
"data": {
"companyRequestCancel": {
"code": 987,
"message": "abc123",
"success": false,
"companyRequest": CompanyRequest
}
}
}
companyRequestCreate
Description
Create a request to add a company to the system and portfolio if it cannot be found in the company search endpoint. This endpoint is restricted to users with manager (and higher-level) roles.
Response
Returns a CompanyRequestResponse!
Arguments
| Name | Description |
|---|---|
input - CompanyRequestToAdd!
|
Example
Query
mutation companyRequestCreate($input: CompanyRequestToAdd!) {
companyRequestCreate(input: $input) {
code
message
success
companyRequest {
...CompanyRequestFragment
}
}
}
Variables
{"input": CompanyRequestToAdd}
Response
{
"data": {
"companyRequestCreate": {
"code": 123,
"message": "xyz789",
"success": true,
"companyRequest": CompanyRequest
}
}
}
findingEscalationUpdateThirdParty
Description
Updates the third-party disposition for an escalated finding. This endpoint is restricted to Monitored_Company (third-party) users with a third_party* role.
Response
Returns a Response!
Arguments
| Name | Description |
|---|---|
input - FindingEscalationUpdateThirdParty!
|
Example
Query
mutation findingEscalationUpdateThirdParty($input: FindingEscalationUpdateThirdParty!) {
findingEscalationUpdateThirdParty(input: $input) {
code
message
}
}
Variables
{"input": FindingEscalationUpdateThirdParty}
Response
{
"data": {
"findingEscalationUpdateThirdParty": {
"code": 123,
"message": "abc123"
}
}
}
findingMessageAdd
Description
Appends a new message to existing message(s) for a finding. This endpoint is restricted to users with analyst (and higher-level) roles.
Response
Returns a Response!
Arguments
| Name | Description |
|---|---|
input - FindingMessage!
|
Example
Query
mutation findingMessageAdd($input: FindingMessage!) {
findingMessageAdd(input: $input) {
code
message
}
}
Variables
{"input": FindingMessage}
Response
{
"data": {
"findingMessageAdd": {
"code": 987,
"message": "abc123"
}
}
}
findingMessageAddThirdParty
Description
Appends a new message to existing message(s) for an escalated finding. This endpoint is restricted to Monitored_Company (third-party) users with a third_party* role.
Response
Returns a Response!
Arguments
| Name | Description |
|---|---|
input - FindingMessage!
|
Example
Query
mutation findingMessageAddThirdParty($input: FindingMessage!) {
findingMessageAddThirdParty(input: $input) {
code
message
}
}
Variables
{"input": FindingMessage}
Response
{
"data": {
"findingMessageAddThirdParty": {
"code": 123,
"message": "xyz789"
}
}
}
globalClientCreate
Description
Create a new TPRM client. This endpoint can only be accessed with a special role.
Expected GraphQL error responses:
- 400 | Missing name, salesForceId, snowSysId, or realmId; disallowed or invalid desk
- 404 | Desk not found
- 409 | A TPRM client with one of the provided fields already exists
Expected responses within GlobalClientResponse:
- 201 | Created
- 206 | Client was created but desk addition(s) failed
Response
Returns a GlobalClientResponse!
Arguments
| Name | Description |
|---|---|
input - GlobalClientToAdd!
|
Example
Query
mutation globalClientCreate($input: GlobalClientToAdd!) {
globalClientCreate(input: $input) {
code
message
success
client {
...GlobalClientConfigurationFragment
}
}
}
Variables
{"input": GlobalClientToAdd}
Response
{
"data": {
"globalClientCreate": {
"code": 987,
"message": "abc123",
"success": false,
"client": GlobalClientConfiguration
}
}
}
globalClientUpdate
Description
Update a TPRM client. This endpoint can only be accessed with a special role. Archived clients cannot be updated, and clients cannot be archived here. Non-okta (government) desks cannot be changed either.
Expected GraphQL error responses:
- 400 | Disallowed or invalid desk, or no desks provided, or nothing to change
- 404 | Desk not found
- 409 | No desks would remain after change
- 404 | Client UUID not found
- 412 | Can't remove system default client from desks
- 422 | Can't change archived client
Expected responses within GlobalClientResponse:
- 200 | OK
- 206 | Desk change(s) failed
Response
Returns a GlobalClientResponse!
Arguments
| Name | Description |
|---|---|
input - GlobalClientToUpdate!
|
Example
Query
mutation globalClientUpdate($input: GlobalClientToUpdate!) {
globalClientUpdate(input: $input) {
code
message
success
client {
...GlobalClientConfigurationFragment
}
}
}
Variables
{"input": GlobalClientToUpdate}
Response
{
"data": {
"globalClientUpdate": {
"code": 123,
"message": "xyz789",
"success": false,
"client": GlobalClientConfiguration
}
}
}
portfolioCompanyAdd
Description
Add a company to a portfolio. This endpoint is restricted to users with manager (and higher-level) roles. Expected status responses:
- 200 | OK (company that was added)
- 400 | Bad request
- 401 | Client not found
- 404 | No portfolio found for client
- 409 | Company is already in portfolio/client-provided entity ID is on another company
- 410 | Company not found
- 422 | No official variant found for company because it has not yet been footprinted
- 423 | Company cannot currently be added to an unmonitored portfolio/company is restricted
- 428 | Quota would be exceeded
Response
Returns a CompanyByService!
Arguments
| Name | Description |
|---|---|
bvid - UUID!
|
The unique BlueVoyant identifier (BV ID) of the company. |
portfolioUuid - UUID!
|
Portfolio ID |
clientEntityIds - [ClientEntityDataInput!]
|
Client-provided IDs (along with optional names or domains) for the company. clientEntityIds must be unique across all companies in the client's portfolios. |
attributes - [String!]
|
Client-provided attributes or tags that can be associated with one or more companies, used for filtering or grouping companies. Default = null |
Example
Query
mutation portfolioCompanyAdd(
$bvid: UUID!,
$portfolioUuid: UUID!,
$clientEntityIds: [ClientEntityDataInput!],
$attributes: [String!]
) {
portfolioCompanyAdd(
bvid: $bvid,
portfolioUuid: $portfolioUuid,
clientEntityIds: $clientEntityIds,
attributes: $attributes
) {
... on Company {
...CompanyFragment
}
... on CompanyHVM {
...CompanyHVMFragment
}
... on CompanyBROnly {
...CompanyBROnlyFragment
}
}
}
Variables
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"portfolioUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"clientEntityIds": [ClientEntityDataInput],
"attributes": null
}
Response
{"data": {"portfolioCompanyAdd": Company}}
portfolioCreate
Description
Create/Insert a portfolio. This endpoint is restricted to users with manager (and higher-level) roles. Expected status responses:
- 200 | OK (The newly added portfolio)
- 400 | Bad request/missing portfolio name
- 401 | Client not found
- 409 | New portfolio name already exists
Response
Returns a PortfolioData!
Arguments
| Name | Description |
|---|---|
input - PortfolioToAdd!
|
Example
Query
mutation portfolioCreate($input: PortfolioToAdd!) {
portfolioCreate(input: $input) {
portfolioName
portfolioType
portfolioUuid
companyCount
description
createdBy
createdTS
updatedBy
updatedTS
}
}
Variables
{"input": PortfolioToAdd}
Response
{
"data": {
"portfolioCreate": {
"portfolioName": "abc123",
"portfolioType": "external_regular",
"portfolioUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"companyCount": 123,
"description": "xyz789",
"createdBy": "xyz789",
"createdTS": "abc123",
"updatedBy": "abc123",
"updatedTS": "abc123"
}
}
}
portfolioDelete
Description
Delete a portfolio. This endpoint is restricted to users with manager (and higher-level) roles. Expected status responses:
- 200 | OK (Status/message for each company BVID that matches filters)
- 400 | Bad request
- 401 | Client not found
- 412 | Portfolio contains companies and 'force' is not true
- 423 | Deletion of non-empty unmonitored portfolio not permitted
Response
Returns a Response!
Example
Query
mutation portfolioDelete(
$portfolioUuid: UUID!,
$force: Boolean
) {
portfolioDelete(
portfolioUuid: $portfolioUuid,
force: $force
) {
code
message
}
}
Variables
{
"portfolioUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"force": false
}
Response
{
"data": {
"portfolioDelete": {
"code": 123,
"message": "xyz789"
}
}
}
portfolioUpdate
Description
Update a portfolio. This endpoint is restricted to users with manager (and higher-level) roles. Expected status responses:
- 200 | OK (The edited portfolio)
- 400 | Bad request
- 401 | Client not found
- 404 | Portfolio not found
- 428 | Quota would be exceeded on type change
Response
Returns a PortfolioData!
Arguments
| Name | Description |
|---|---|
input - PortfolioToUpdate!
|
Example
Query
mutation portfolioUpdate($input: PortfolioToUpdate!) {
portfolioUpdate(input: $input) {
portfolioName
portfolioType
portfolioUuid
companyCount
description
createdBy
createdTS
updatedBy
updatedTS
}
}
Variables
{"input": PortfolioToUpdate}
Response
{
"data": {
"portfolioUpdate": {
"portfolioName": "xyz789",
"portfolioType": "external_regular",
"portfolioUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"companyCount": 123,
"description": "xyz789",
"createdBy": "xyz789",
"createdTS": "abc123",
"updatedBy": "abc123",
"updatedTS": "abc123"
}
}
}
riskFilterCreate
Description
Create a new risk filter for client, with the given description. This endpoint is restricted to admin users.
NOT YET AVAILABLE - Please contact your CSM.
Expected error responses:
- 400 | Bad request (poorly formed or invalid input)
Response
Returns a RiskFilter!
Arguments
| Name | Description |
|---|---|
input - RiskFilterToAdd!
|
Example
Query
mutation riskFilterCreate($input: RiskFilterToAdd!) {
riskFilterCreate(input: $input) {
riskFilterId
description
matchRules {
...RiskFilterMatchRuleFragment
}
enabled
updatedTS
}
}
Variables
{"input": RiskFilterToAdd}
Response
{
"data": {
"riskFilterCreate": {
"riskFilterId": 123,
"description": "xyz789",
"matchRules": [RiskFilterMatchRule],
"enabled": true,
"updatedTS": "2024-02-06T20:24:21"
}
}
}
riskFilterDelete
Description
Delete a risk filter. This endpoint is restricted to admin users.
NOT YET AVAILABLE - Please contact your CSM.
Expected error responses:
- 404 | Risk filter not found
- 412 | Risk filter contains match rules and 'force' is not true
Response
Returns a Response!
Arguments
| Name | Description |
|---|---|
input - RiskFilterToDelete!
|
Example
Query
mutation riskFilterDelete($input: RiskFilterToDelete!) {
riskFilterDelete(input: $input) {
code
message
}
}
Variables
{"input": RiskFilterToDelete}
Response
{
"data": {
"riskFilterDelete": {
"code": 987,
"message": "abc123"
}
}
}
riskFilterUpdate
Description
Update the description and/or enabled fields of a risk filter for client. This endpoint is restricted to admin users.
NOT YET AVAILABLE - Please contact your CSM.
Expected error responses:
- 400 | Bad request (poorly formed or invalid input), or nothing to update
- 404 | Risk filter not found, or match rule to be updated or deleted is not found
Response
Returns a RiskFilter!
Arguments
| Name | Description |
|---|---|
input - RiskFilterToUpdate!
|
Example
Query
mutation riskFilterUpdate($input: RiskFilterToUpdate!) {
riskFilterUpdate(input: $input) {
riskFilterId
description
matchRules {
...RiskFilterMatchRuleFragment
}
enabled
updatedTS
}
}
Variables
{"input": RiskFilterToUpdate}
Response
{
"data": {
"riskFilterUpdate": {
"riskFilterId": 123,
"description": "abc123",
"matchRules": [RiskFilterMatchRule],
"enabled": true,
"updatedTS": "2024-02-06T20:24:21"
}
}
}
roleCreate
Description
Create a role to manage users' access to the TPRM portal and API. This endpoint is restricted to admin users.
NOT AVAILABLE
Response
Returns a Role!
Arguments
| Name | Description |
|---|---|
input - RoleToAdd!
|
Example
Query
mutation roleCreate($input: RoleToAdd!) {
roleCreate(input: $input) {
uuid
name
description
configurableFlag
assignableFlag
extensionFlag
defaultFlag
clientUuid
createdTS
updatedTS
createdBy
updatedBy
policyPermissions {
...RolePolicyPermissionFragment
}
resourcePermissions {
...RoleResourcePermissionFragment
}
users {
...UserFragment
}
}
}
Variables
{"input": RoleToAdd}
Response
{
"data": {
"roleCreate": {
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"name": "abc123",
"description": "abc123",
"configurableFlag": false,
"assignableFlag": false,
"extensionFlag": false,
"defaultFlag": true,
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"createdTS": "abc123",
"updatedTS": "abc123",
"createdBy": "xyz789",
"updatedBy": "xyz789",
"policyPermissions": [RolePolicyPermission],
"resourcePermissions": [RoleResourcePermission],
"users": [User]
}
}
}
roleDelete
Description
Delete a role. (The role must not be associated with any users and must have configurableFlag set to true.) This endpoint is restricted to admin users.
NOT AVAILABLE
roleGroupCreate
Description
Create a role group to contain roles that control users' access to the TPRM portal and API. This endpoint is restricted to admin users.
Response
Returns a RoleGroupResponse!
Arguments
| Name | Description |
|---|---|
input - RoleGroupToAdd!
|
Example
Query
mutation roleGroupCreate($input: RoleGroupToAdd!) {
roleGroupCreate(input: $input) {
code
message
success
roleGroup {
...RoleGroupDataRolesOnlyFragment
}
}
}
Variables
{"input": RoleGroupToAdd}
Response
{
"data": {
"roleGroupCreate": {
"code": 987,
"message": "abc123",
"success": true,
"roleGroup": RoleGroupDataRolesOnly
}
}
}
roleGroupDelete
Description
Delete a role group. This endpoint is restricted to admin users.
Example
Query
mutation roleGroupDelete($uuid: UUID!) {
roleGroupDelete(uuid: $uuid) {
code
message
}
}
Variables
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
Response
{
"data": {
"roleGroupDelete": {
"code": 987,
"message": "abc123"
}
}
}
roleGroupUpdate
Description
Update an existing role group that contains roles and manages users' access to the TPRM portal and API. This endpoint is restricted to admin users.
Response
Returns a RoleGroupResponse!
Arguments
| Name | Description |
|---|---|
input - RoleGroupToUpdate!
|
Example
Query
mutation roleGroupUpdate($input: RoleGroupToUpdate!) {
roleGroupUpdate(input: $input) {
code
message
success
roleGroup {
...RoleGroupDataRolesOnlyFragment
}
}
}
Variables
{"input": RoleGroupToUpdate}
Response
{
"data": {
"roleGroupUpdate": {
"code": 123,
"message": "xyz789",
"success": true,
"roleGroup": RoleGroupDataRolesOnly
}
}
}
roleGroupUsersAdd
Description
Add users to role group
Response
Returns a UserBulkUpdateResponse!
Arguments
| Name | Description |
|---|---|
input - RoleGroupUsersToUpdate!
|
Example
Query
mutation roleGroupUsersAdd($input: RoleGroupUsersToUpdate!) {
roleGroupUsersAdd(input: $input) {
succeededCount
failedCount
statuses {
...UserBulkUpdateStatusFragment
}
}
}
Variables
{"input": RoleGroupUsersToUpdate}
Response
{
"data": {
"roleGroupUsersAdd": {
"succeededCount": 987,
"failedCount": 123,
"statuses": [UserBulkUpdateStatus]
}
}
}
roleGroupUsersDelete
Description
Delete users from role group
Response
Returns a UserBulkUpdateResponse!
Arguments
| Name | Description |
|---|---|
input - RoleGroupUsersToUpdate!
|
Example
Query
mutation roleGroupUsersDelete($input: RoleGroupUsersToUpdate!) {
roleGroupUsersDelete(input: $input) {
succeededCount
failedCount
statuses {
...UserBulkUpdateStatusFragment
}
}
}
Variables
{"input": RoleGroupUsersToUpdate}
Response
{
"data": {
"roleGroupUsersDelete": {
"succeededCount": 123,
"failedCount": 987,
"statuses": [UserBulkUpdateStatus]
}
}
}
roleUpdate
Description
Update an existing role to manage users' access to the TPRM portal and API. This endpoint is restricted to admin users.
NOT AVAILABLE
Response
Returns a Role!
Arguments
| Name | Description |
|---|---|
input - RoleToUpdate!
|
Example
Query
mutation roleUpdate($input: RoleToUpdate!) {
roleUpdate(input: $input) {
uuid
name
description
configurableFlag
assignableFlag
extensionFlag
defaultFlag
clientUuid
createdTS
updatedTS
createdBy
updatedBy
policyPermissions {
...RolePolicyPermissionFragment
}
resourcePermissions {
...RoleResourcePermissionFragment
}
users {
...UserFragment
}
}
}
Variables
{"input": RoleToUpdate}
Response
{
"data": {
"roleUpdate": {
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"name": "abc123",
"description": "abc123",
"configurableFlag": true,
"assignableFlag": true,
"extensionFlag": true,
"defaultFlag": true,
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"createdTS": "xyz789",
"updatedTS": "xyz789",
"createdBy": "abc123",
"updatedBy": "xyz789",
"policyPermissions": [RolePolicyPermission],
"resourcePermissions": [RoleResourcePermission],
"users": [User]
}
}
}
screenedCompanyAdd
Description
Add a company to cyber screening. This endpoint is restricted to users with analyst (and higher-level) roles. Expected status responses:
- 200 | OK (Response contains company that was added)
- 202 | Company has been added but not yet scored (Response contains partial company that was added)
- 400 | Bad request
- 401 | Client not found
- 409 | Company already has cyber screening, OR company is already in portfolio OR client-provided entity ID is on another company
- 410 | Company not found
- 422 | No official variant found for company because it has not yet been footprinted
- 423 | Company is restricted
- 428 | No license for cyber screening
Response
Returns a ScreenedCompanyResponse!
Arguments
| Name | Description |
|---|---|
bvid - UUID!
|
The unique BlueVoyant identifier (BV ID) of the company. |
clientEntityData - [ClientEntityDataToAdd!]
|
Client-provided IDs (along with optional names or domains) for the company. clientEntityIds must be unique across all companies in the client's portfolios. |
attributes - [String!]
|
Client-provided attributes or tags that can be associated with one or more companies, used for filtering or grouping companies. Default = null |
Example
Query
mutation screenedCompanyAdd(
$bvid: UUID!,
$clientEntityData: [ClientEntityDataToAdd!],
$attributes: [String!]
) {
screenedCompanyAdd(
bvid: $bvid,
clientEntityData: $clientEntityData,
attributes: $attributes
) {
code
message
success
company {
...ScreenedCompanyFragment
}
}
}
Variables
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"clientEntityData": [ClientEntityDataToAdd],
"attributes": null
}
Response
{
"data": {
"screenedCompanyAdd": {
"code": 123,
"message": "abc123",
"success": false,
"company": ScreenedCompany
}
}
}
userActivate
Description
Activate a STAGED or DEPROVISIONED user and send it an email with activation instructions. The user will remain in PROVISIONED status until completing the activation sequence. This endpoint is restricted to admin users.
Example
Query
mutation userActivate($uuid: UUID!) {
userActivate(uuid: $uuid) {
code
message
}
}
Variables
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
Response
{
"data": {
"userActivate": {
"code": 987,
"message": "xyz789"
}
}
}
userClientAdd
Use userCreateV1
Description
Add a client to an existing user. This endpoint is restricted to superadmin users.
Response
Returns [ClientMini!]
Arguments
| Name | Description |
|---|---|
input - UserClientAdd!
|
Example
Query
mutation userClientAdd($input: UserClientAdd!) {
userClientAdd(input: $input) {
clientUuid
clientName
defaultFlag
realmId
bvgsCustomerId
}
}
Variables
{"input": UserClientAdd}
Response
{
"data": {
"userClientAdd": [
{
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"clientName": "abc123",
"defaultFlag": false,
"realmId": "abc123",
"bvgsCustomerId": 987
}
]
}
}
userClientDelete
Use userRolesUpdate and remove all TPRM roles
Description
Remove a client from an existing user (if it's the only client). This endpoint is restricted to admin users.
Response
Returns a Response!
Arguments
| Name | Description |
|---|---|
input - UserClientDelete!
|
Example
Query
mutation userClientDelete($input: UserClientDelete!) {
userClientDelete(input: $input) {
code
message
}
}
Variables
{"input": UserClientDelete}
Response
{
"data": {
"userClientDelete": {
"code": 123,
"message": "abc123"
}
}
}
userClientSetDefault
Description
Set the default client for a user to one of its current clients. Non-admin users can only set their own default, so cannot specify the input argument.
Response
Returns [ClientMini!]
Arguments
| Name | Description |
|---|---|
input - UserClientSetDefault
|
Example
Query
mutation userClientSetDefault($input: UserClientSetDefault) {
userClientSetDefault(input: $input) {
clientUuid
clientName
defaultFlag
realmId
bvgsCustomerId
}
}
Variables
{"input": UserClientSetDefault}
Response
{
"data": {
"userClientSetDefault": [
{
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"clientName": "abc123",
"defaultFlag": true,
"realmId": "abc123",
"bvgsCustomerId": 123
}
]
}
}
userCreate
Use userCreateV1
Description
Create a user that can access the TPRM portal and API. If the user is new to the system, the user will receive an email with login instructions; other adjustments will be made as necessary if the user exists but does not have the requested access. If cdpOnly is true, the user will have a realm added, and roleUuids may be specified as an empty array. The user will not have access to TPRM. This endpoint is restricted to admin users.
Response
Returns a User!
Arguments
| Name | Description |
|---|---|
input - UserToAdd!
|
|
cdpOnly - Boolean
|
Example
Query
mutation userCreate(
$input: UserToAdd!,
$cdpOnly: Boolean
) {
userCreate(
input: $input,
cdpOnly: $cdpOnly
) {
uuid
username
firstName
lastName
email
status
userType
userCategory
userClass
bvid
primaryName
jobTitle
businessPhoneNumber
mobilePhoneNumber
ssoManagedFlag
lastLoginTS
createdTS
updatedTS
createdBy
updatedBy
realmId
hasScd
hasTPRM
roles {
...RoleFragment
}
groups {
...GroupFragment
}
functions {
...FunctionFragment
}
temporaryAdminFlag
temporaryAdminExpirationTS
}
}
Variables
{"input": UserToAdd, "cdpOnly": false}
Response
{
"data": {
"userCreate": {
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"username": "xyz789",
"firstName": "xyz789",
"lastName": "abc123",
"email": "xyz789",
"status": "STAGED",
"userType": "xyz789",
"userCategory": "External",
"userClass": "Client",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "xyz789",
"jobTitle": "xyz789",
"businessPhoneNumber": "xyz789",
"mobilePhoneNumber": "abc123",
"ssoManagedFlag": true,
"lastLoginTS": "abc123",
"createdTS": "abc123",
"updatedTS": "abc123",
"createdBy": "xyz789",
"updatedBy": "xyz789",
"realmId": "xyz789",
"hasScd": true,
"hasTPRM": false,
"roles": [Role],
"groups": [Group],
"functions": [Function],
"temporaryAdminFlag": false,
"temporaryAdminExpirationTS": "2023-09-29T18:59:37Z"
}
}
}
userCreateV1
Description
Create a user that can access the CDP portal and, optionally, TPRM functionality. If the user is new to the system, the user will receive an email with login instructions; other adjustments will be made as necessary if the user exists but does not have the requested access. If no roleUuids are specified, the user will have a realm added, but will not have access to TPRM. This endpoint is restricted to admin users.
Expected GraphQL error responses:
- 400 | Bad request: Resource permissions provided with no roles; or no realm available for user with only CDP requested; or missing required field; or field value disallowed or invalid
- 403 | Not allowed to create user with this domain or Okta server
- 404 | Group ID in input.groupUuids is not found
- 409 | User already exists on this client
- 412 | User already exists in Okta with a different realm ID; User already exists in Okta with a realm ID that doesn't match this client's realm ID; User is in Okta but is inaccessible
Expected responses within UserResponse:
- 200 | User already existed (either in Okta, or in both Okta and the database), but was successfully updated to match the requested client/roles/resource permissions. The user fields such as firstName/lastName are not updated.
- 201 | Created
Response
Returns a UserResponse!
Arguments
| Name | Description |
|---|---|
input - UserToAddV1!
|
Example
Query
mutation userCreateV1($input: UserToAddV1!) {
userCreateV1(input: $input) {
code
message
success
userData {
...UserDataFragment
}
}
}
Variables
{"input": UserToAddV1}
Response
{
"data": {
"userCreateV1": {
"code": 987,
"message": "xyz789",
"success": true,
"userData": UserData
}
}
}
userDeactivate
Description
Deactivate a user, which will remove the user's groups, and block access to the portals and TPRM API. The user cannot already have DEPROVISIONED status. This endpoint is restricted to admin users. The user must be associated with only one client/CDP realm. Expected status responses:
- 200 | OK
- 400 | User is already DEPROVISIONED (deactivated)
- 403 | User cannot be administered (or access forbidden)
- 404 | User not found for client or realm
- 412 | User is associated with multiple clients or realms
Example
Query
mutation userDeactivate($uuid: UUID!) {
userDeactivate(uuid: $uuid) {
code
message
}
}
Variables
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
Response
{
"data": {
"userDeactivate": {
"code": 123,
"message": "xyz789"
}
}
}
userDelete
Description
Delete a DEPROVISIONED user. This endpoint is restricted to admin users. The user must be associated with only one client/CDP realm. Expected status responses:
- 200 | OK
- 400 | User is not DEPROVISIONED (deactivated)
- 403 | User cannot be administered (or access forbidden)
- 404 | User not found for client or realm
- 412 | User is associated with multiple clients or realms
userFactorsReset
Description
Reset a user's factors (MFA). User cannot be DEPROVISIONED. This endpoint is restricted to admin users.
Example
Query
mutation userFactorsReset($uuid: UUID!) {
userFactorsReset(uuid: $uuid) {
code
message
}
}
Variables
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
Response
{
"data": {
"userFactorsReset": {
"code": 987,
"message": "xyz789"
}
}
}
userGroupsUpdate
Description
Update a user's Okta groups by providing groups to add and/or delete. Only the '3pr-api-accounts' group, which provides access in the TPRM portal to API key generation for the public TPRM API, and the 'Show-3pr-OnCentrl-Link' group, which gives access to the questionnaire portal from the portals, may be added to or removed from a user at this time. This endpoint is restricted to admin users.
Response
Returns a User!
Arguments
| Name | Description |
|---|---|
input - UserGroupsToUpdate!
|
Example
Query
mutation userGroupsUpdate($input: UserGroupsToUpdate!) {
userGroupsUpdate(input: $input) {
uuid
username
firstName
lastName
email
status
userType
userCategory
userClass
bvid
primaryName
jobTitle
businessPhoneNumber
mobilePhoneNumber
ssoManagedFlag
lastLoginTS
createdTS
updatedTS
createdBy
updatedBy
realmId
hasScd
hasTPRM
roles {
...RoleFragment
}
groups {
...GroupFragment
}
functions {
...FunctionFragment
}
temporaryAdminFlag
temporaryAdminExpirationTS
}
}
Variables
{"input": UserGroupsToUpdate}
Response
{
"data": {
"userGroupsUpdate": {
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"username": "abc123",
"firstName": "abc123",
"lastName": "abc123",
"email": "abc123",
"status": "STAGED",
"userType": "abc123",
"userCategory": "External",
"userClass": "Client",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "xyz789",
"jobTitle": "abc123",
"businessPhoneNumber": "abc123",
"mobilePhoneNumber": "abc123",
"ssoManagedFlag": true,
"lastLoginTS": "abc123",
"createdTS": "xyz789",
"updatedTS": "abc123",
"createdBy": "abc123",
"updatedBy": "xyz789",
"realmId": "xyz789",
"hasScd": true,
"hasTPRM": false,
"roles": [Role],
"groups": [Group],
"functions": [Function],
"temporaryAdminFlag": true,
"temporaryAdminExpirationTS": "2023-09-29T18:59:37Z"
}
}
}
userPasswordExpire
Description
Expire a user's password and puts it in PASSWORD_EXPIRED status. The user will be required to change their password at the next login. User cannot be DEPROVISIONED or SUSPENDED. This endpoint is restricted to admin users.
Example
Query
mutation userPasswordExpire($uuid: UUID!) {
userPasswordExpire(uuid: $uuid) {
code
message
}
}
Variables
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
Response
{
"data": {
"userPasswordExpire": {
"code": 987,
"message": "xyz789"
}
}
}
userPasswordReset
Description
Reset a user's password, which puts the user in RECOVERY status if ACTIVE (or leaves it in PROVISIONED), and sends an email to it. User cannot be DEPROVISIONED or SUSPENDED. This endpoint is restricted to admin users.
Example
Query
mutation userPasswordReset($uuid: UUID!) {
userPasswordReset(uuid: $uuid) {
code
message
}
}
Variables
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
Response
{
"data": {
"userPasswordReset": {
"code": 123,
"message": "abc123"
}
}
}
userReactivate
Description
Reactivate a PROVISIONED user and (re)send it an email with activation instructions. This endpoint is restricted to admin users.
Example
Query
mutation userReactivate($uuid: UUID!) {
userReactivate(uuid: $uuid) {
code
message
}
}
Variables
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
Response
{
"data": {
"userReactivate": {
"code": 987,
"message": "xyz789"
}
}
}
userRolesUpdate
Use userRolesUpdateV1
Description
Update a user's TPRM roles and/or resource permissions by providing roles and/or resource permissions to add and/or delete, or replace all. This endpoint is restricted to admin users.
Response
Returns a User!
Arguments
| Name | Description |
|---|---|
input - UserRolesToUpdate!
|
Example
Query
mutation userRolesUpdate($input: UserRolesToUpdate!) {
userRolesUpdate(input: $input) {
uuid
username
firstName
lastName
email
status
userType
userCategory
userClass
bvid
primaryName
jobTitle
businessPhoneNumber
mobilePhoneNumber
ssoManagedFlag
lastLoginTS
createdTS
updatedTS
createdBy
updatedBy
realmId
hasScd
hasTPRM
roles {
...RoleFragment
}
groups {
...GroupFragment
}
functions {
...FunctionFragment
}
temporaryAdminFlag
temporaryAdminExpirationTS
}
}
Variables
{"input": UserRolesToUpdate}
Response
{
"data": {
"userRolesUpdate": {
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"username": "xyz789",
"firstName": "abc123",
"lastName": "abc123",
"email": "abc123",
"status": "STAGED",
"userType": "abc123",
"userCategory": "External",
"userClass": "Client",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "abc123",
"jobTitle": "xyz789",
"businessPhoneNumber": "xyz789",
"mobilePhoneNumber": "xyz789",
"ssoManagedFlag": true,
"lastLoginTS": "xyz789",
"createdTS": "abc123",
"updatedTS": "abc123",
"createdBy": "abc123",
"updatedBy": "xyz789",
"realmId": "xyz789",
"hasScd": true,
"hasTPRM": true,
"roles": [Role],
"groups": [Group],
"functions": [Function],
"temporaryAdminFlag": false,
"temporaryAdminExpirationTS": "2023-09-29T18:59:37Z"
}
}
}
userRolesUpdateV1
Description
Update a user's TPRM roles and/or resource permissions by providing roles and/or resource permissions to add and/or delete, or replace all. This endpoint is restricted to admin users.
Response
Returns a UserResponse!
Arguments
| Name | Description |
|---|---|
input - UserRolesToUpdateV1!
|
Example
Query
mutation userRolesUpdateV1($input: UserRolesToUpdateV1!) {
userRolesUpdateV1(input: $input) {
code
message
success
userData {
...UserDataFragment
}
}
}
Variables
{"input": UserRolesToUpdateV1}
Response
{
"data": {
"userRolesUpdateV1": {
"code": 123,
"message": "xyz789",
"success": true,
"userData": UserData
}
}
}
userSuspend
Description
Suspend an ACTIVE user, preventing it from logging in. This endpoint is restricted to admin users.
Example
Query
mutation userSuspend($uuid: UUID!) {
userSuspend(uuid: $uuid) {
code
message
}
}
Variables
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
Response
{
"data": {
"userSuspend": {
"code": 987,
"message": "abc123"
}
}
}
userUnlock
Description
Unlock a LOCKED_OUT user, returning it to ACTIVE status. This endpoint is restricted to admin users.
userUnsuspend
Description
Unsuspend a SUSPENDED user, returning it to ACTIVE status. This endpoint is restricted to admin users.
Example
Query
mutation userUnsuspend($uuid: UUID!) {
userUnsuspend(uuid: $uuid) {
code
message
}
}
Variables
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
Response
{
"data": {
"userUnsuspend": {
"code": 123,
"message": "abc123"
}
}
}
userUpdate
Use userUpdateV1
Description
Update some attributes for a user. If the username is changed, the user will receive an email at the old email address. This endpoint is restricted to admin users.
Response
Returns a User!
Arguments
| Name | Description |
|---|---|
input - UserToUpdate!
|
Example
Query
mutation userUpdate($input: UserToUpdate!) {
userUpdate(input: $input) {
uuid
username
firstName
lastName
email
status
userType
userCategory
userClass
bvid
primaryName
jobTitle
businessPhoneNumber
mobilePhoneNumber
ssoManagedFlag
lastLoginTS
createdTS
updatedTS
createdBy
updatedBy
realmId
hasScd
hasTPRM
roles {
...RoleFragment
}
groups {
...GroupFragment
}
functions {
...FunctionFragment
}
temporaryAdminFlag
temporaryAdminExpirationTS
}
}
Variables
{"input": UserToUpdate}
Response
{
"data": {
"userUpdate": {
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"username": "abc123",
"firstName": "abc123",
"lastName": "xyz789",
"email": "abc123",
"status": "STAGED",
"userType": "xyz789",
"userCategory": "External",
"userClass": "Client",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "abc123",
"jobTitle": "abc123",
"businessPhoneNumber": "abc123",
"mobilePhoneNumber": "xyz789",
"ssoManagedFlag": false,
"lastLoginTS": "xyz789",
"createdTS": "xyz789",
"updatedTS": "abc123",
"createdBy": "abc123",
"updatedBy": "abc123",
"realmId": "abc123",
"hasScd": true,
"hasTPRM": true,
"roles": [Role],
"groups": [Group],
"functions": [Function],
"temporaryAdminFlag": true,
"temporaryAdminExpirationTS": "2023-09-29T18:59:37Z"
}
}
}
userUpdateV1
Description
Update some attributes for a user. If the username is changed, the user will receive an email at the old email address. This endpoint is restricted to admin users.
Response
Returns a UserResponse!
Arguments
| Name | Description |
|---|---|
input - UserToUpdate!
|
Example
Query
mutation userUpdateV1($input: UserToUpdate!) {
userUpdateV1(input: $input) {
code
message
success
userData {
...UserDataFragment
}
}
}
Variables
{"input": UserToUpdate}
Response
{
"data": {
"userUpdateV1": {
"code": 987,
"message": "xyz789",
"success": false,
"userData": UserData
}
}
}
vendorContactCreate
Description
Create a vendor contact - a contact at a monitored company who is responsible for escalations. This endpoint is restricted to users with analyst (and higher-level) roles.
Response
Returns a VendorContact!
Arguments
| Name | Description |
|---|---|
input - VendorContactToAdd!
|
Example
Query
mutation vendorContactCreate($input: VendorContactToAdd!) {
vendorContactCreate(input: $input) {
id
contactName
firstName
lastName
email
jobTitle
businessPhoneNumber
bvid
primaryName
escalationPreference
addressType
mobilePhoneNumber
customerProvided
requirePortalProvision
source
createdTS
updatedTS
createdBy
updatedBy
}
}
Variables
{"input": VendorContactToAdd}
Response
{
"data": {
"vendorContactCreate": {
"id": 123,
"contactName": "abc123",
"firstName": "abc123",
"lastName": "abc123",
"email": "xyz789",
"jobTitle": "abc123",
"businessPhoneNumber": "abc123",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "abc123",
"escalationPreference": "to",
"addressType": "to",
"mobilePhoneNumber": "abc123",
"customerProvided": false,
"requirePortalProvision": false,
"source": "xyz789",
"createdTS": "xyz789",
"updatedTS": "abc123",
"createdBy": "abc123",
"updatedBy": "xyz789"
}
}
}
vendorContactDelete
Description
Delete a vendor contact - a contact at a monitored company who is responsible for escalations. This endpoint is restricted to users with analyst (and higher-level) roles.
Response
Returns a Response!
Arguments
| Name | Description |
|---|---|
input - ContactToDelete!
|
Example
Query
mutation vendorContactDelete($input: ContactToDelete!) {
vendorContactDelete(input: $input) {
code
message
}
}
Variables
{"input": ContactToDelete}
Response
{
"data": {
"vendorContactDelete": {
"code": 987,
"message": "xyz789"
}
}
}
vendorContactUpdate
Description
Update a vendor contact - a contact at a monitored company who is responsible for escalations. This endpoint is restricted to users with analyst (and higher-level) roles.
Response
Returns a VendorContact!
Arguments
| Name | Description |
|---|---|
input - VendorContactToUpdate!
|
Example
Query
mutation vendorContactUpdate($input: VendorContactToUpdate!) {
vendorContactUpdate(input: $input) {
id
contactName
firstName
lastName
email
jobTitle
businessPhoneNumber
bvid
primaryName
escalationPreference
addressType
mobilePhoneNumber
customerProvided
requirePortalProvision
source
createdTS
updatedTS
createdBy
updatedBy
}
}
Variables
{"input": VendorContactToUpdate}
Response
{
"data": {
"vendorContactUpdate": {
"id": 987,
"contactName": "xyz789",
"firstName": "xyz789",
"lastName": "abc123",
"email": "xyz789",
"jobTitle": "abc123",
"businessPhoneNumber": "xyz789",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "xyz789",
"escalationPreference": "to",
"addressType": "to",
"mobilePhoneNumber": "abc123",
"customerProvided": true,
"requirePortalProvision": false,
"source": "abc123",
"createdTS": "xyz789",
"updatedTS": "xyz789",
"createdBy": "xyz789",
"updatedBy": "xyz789"
}
}
}
Types
AddressType
Description
Email address recipient field for contact
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"to"
Asset
Description
An IP or domain on which findings might appear
Example
{
"asset": "abc123",
"findings": ["xyz789"],
"numberOfFindings": 123,
"numberOfObservations": 987,
"lastUpdated": "abc123"
}
AttributeInfo
Description
This is the holder for attributes, from the attributeInfo query.
Fields
| Field Name | Description |
|---|---|
attributes - [String!]
|
A unique set of all attributes in case-insensitive alphabetical order that are associated with the filtered companies |
Example
{"attributes": ["abc123"]}
AvailableQuarters
Description
Quarters within the given start and end dates for which the client had any monitored companies and available scores, returned by the availableQuartersInfo query
Fields
| Field Name | Description |
|---|---|
year - Int!
|
The year in 'YYYY' format |
quarter - Int!
|
The quarter of the year (1-4) |
startDate - String!
|
The timestamp of the beginning of the quarter |
endDate - String!
|
The timestamp of the end of the quarter |
count - Int!
|
The number of distinct companies in the client's portfolios at any time during the quarter |
Example
{
"year": 2023,
"quarter": 2,
"startDate": "2023-04-01T00:00:00Z",
"endDate": "2023-06-30T00:00:00Z",
"count": 123
}
AvailableTimeSeries
Description
All time series that can be returned by a timeseries query
Fields
| Field Name | Description |
|---|---|
countEscalatedCases - TimeSeries!
|
For each date the number of cases that went to an escalated state on that date If not limited by portfolios or companies in the filter, this will reflect the cases for companies in the client's portfolios as they were from time to time. If limited by portfolios or companies this will reflect cases for the companies in the client's current portfolios. |
countResolvedCases - TimeSeries!
|
For each date the number of cases that went to a resolved state on that date If not limited by portfolios or companies in the filter, this will reflect the cases for companies in the client's portfolios as they were at midnight on the measurement date. If limited by portfolios or companies this will reflect cases for the companies in the client's current portfolios. |
countCompaniesEscalatedCases - TimeSeries!
|
Number of companies with an escalated case for a given day If not limited by portfolios or companies in the filter, this will reflect the cases for companies in the client's portfolios as they were at midnight on the measurement date. If limited by portfolios or companies this will reflect cases for the companies in the client's current portfolios. |
countCompaniesExceedingRisk - TimeSeries
|
Number of companies exceeding risk for a given day. Specifically, this is the count on each day of which companies from the client's current set of portfolio companies had at least one finding exceeding risk tolerance against the current client's set of rules as they were at the time. Five quarters (457 days) of data are available. |
meanScore - TimeSeries!
|
Mean score of companies across client portfolios for a given day The companies included are the companies currently in the client's portfolios, regardless of whether or not the companies were in the client's portfolios at the measurement date. The companies also must have had a score on the date in question - all companies in a client portfolio will have a score, and BlueVoyant also scores millions of companies not in any client portfolio, but exceptionally some companies may have a score history shorter than the time window requested. |
totalPortfolioSize - TimeSeries!
|
Total number of companies that are in a client's portfolios (or only those matching the filters) at midnight on a given day, and that have scores available for that day. If not limited by portfolio or company, counted based on the set of companies in the client's portfolios as they were at midnight on the measurement date. |
criticalCompanies - TimeSeries!
|
Number of companies with a critical score severity for a given day If not limited by portfolio or company, counted based on the set of companies in the client's portfolios from time to time. If limited by portfolio or company it is limited to the intersection of what is in the selected portfolio (or passed in set of companies) and the companies that were in the client portfolios as they were at midnight on the measurement date. |
highCompanies - TimeSeries!
|
Number of companies with a high score severity for a given day If not limited by portfolio or company, counted based on the set of companies in the client's portfolios from time to time. If limited by portfolio or company it is limited to the intersection of what is in the selected portfolio (or passed in set of companies) and the companies that were in the client portfolios as they were at midnight on the measurement date. |
mediumCompanies - TimeSeries!
|
Number of companies with a medium score severity for a given day If not limited by portfolio or company, counted based on the set of companies in the client's portfolios from time to time. If limited by portfolio or company it is limited to the intersection of what is in the selected portfolio (or passed in set of companies) and the companies that were in the client portfolios as they were at midnight on the measurement date. |
lowCompanies - TimeSeries!
|
Number of companies with a low score severity for a given day If not limited by portfolio or company, counted based on the set of companies in the client's portfolios from time to time. If limited by portfolio or company it is limited to the intersection of what is in the selected portfolio (or passed in set of companies) and the companies that were in the client portfolios as they were at midnight on the measurement date. |
Example
{
"countEscalatedCases": TimeSeries,
"countResolvedCases": TimeSeries,
"countCompaniesEscalatedCases": TimeSeries,
"countCompaniesExceedingRisk": TimeSeries,
"meanScore": TimeSeries,
"totalPortfolioSize": TimeSeries,
"criticalCompanies": TimeSeries,
"highCompanies": TimeSeries,
"mediumCompanies": TimeSeries,
"lowCompanies": TimeSeries
}
BVGSAssembly
BVGSComponent
BVGSLocation
Description
A location. In so far as it corresponds to a street address, the format is loosely based on the USPS standard
Fields
| Field Name | Description |
|---|---|
address1 - String
|
Address line 1, typically corresponding to a building or door |
address2 - String
|
Address line 2, typically corresponding to a unit within whatever address1 is |
city - String
|
City |
congressionalDistrict - String
|
US Congressional district where applicable |
stateName - String
|
Generally corresponds to the next subdivision used below country in postal addresses |
stateCode - String
|
State code, where available |
countyFipsCode - String
|
5-digit county FIPS code, where available. See https://www.census.gov/library/reference/code-lists/ansi.html |
countryName - String
|
Country name. May exceptionally be null. |
zipCode - String
|
The part of an address that's a code |
longitude - String
|
Longitude in degrees relative to WGS84. String so that json serialization/parsing doesn't truncate the fractional part |
latitude - String
|
Latitude in degrees relative to WGS84. String so that json serialization/parsing doesn't truncate the fractional part |
Example
{
"address1": "abc123",
"address2": "abc123",
"city": "xyz789",
"congressionalDistrict": "abc123",
"stateName": "abc123",
"stateCode": "xyz789",
"countyFipsCode": "abc123",
"countryName": "xyz789",
"zipCode": "xyz789",
"longitude": "abc123",
"latitude": "abc123"
}
BVGSLocationFilter
Description
Fields available by which to filter BVGS items with associated locations
Fields
| Input Field | Description |
|---|---|
countries - [String!]
|
Limit output to suppliers located in the listed countries. Currently matched against the freeform text country field and country code. Default = null |
excludeCountries - [String!]
|
Limit output to suppliers NOT located in the listed countries. Currently matched against the freeform text country field and country code. Default = null |
states - [String!]
|
States to limit the output. Currently matched against the freeform text state field and state code. Default = null |
stateCodes - [String!]
|
Limit output to suppliers located in the listed states. Matched against the state code field by equality. Default = null |
congressionalDistricts - [String!]
|
Congressional districts to limit the output. Matched exactly but case-insensitively against the congressionalDistrict field. Default = null |
zipCodes - [String!]
|
Zip codes to limit the output. Matched exactly but case-insensitively against the zipCode field. Default = null |
box - Box
|
Limit output to sites inside the box. Only includes sites having non-null latitude and longitude fields. Default = null |
Example
{
"countries": ["xyz789"],
"excludeCountries": ["xyz789"],
"states": ["abc123"],
"stateCodes": ["xyz789"],
"congressionalDistricts": ["abc123"],
"zipCodes": ["abc123"],
"box": Box
}
BVGSPart
Description
A part is a product or component that can be associated with a supplier.
Fields
| Field Name | Description |
|---|---|
partId - UUID!
|
Identifier for the part within the BVGS data model |
legacyPartId - Int
|
Don't use this. It's going away. Old identifier for the part within the BVGS data model. Use 'partId' |
partName - String
|
The part name |
systemNameDescription - String
|
Another description of the part |
niin - String
|
National Item Identification Number - 9-digit standardized identifier for military/government parts |
fsc - String
|
Federal Supply Classification - 4-digit code categorizing supply types |
fscDescription - String
|
Description of the Federal Supply Classification category |
primaryNaics - String
|
North American Industry Classification System - 6-digit industry code |
naicsDescription - String
|
Description of the NAICS industry classification |
ricaplael - String
|
RICA/PLAEL identifier - government part grouping system |
supplierCount - Int
|
Number of alternative suppliers providing this same part (supply chain risk metric) This count reflects suppliers after any supplier filters are applied. |
totalSupplierCount - Int
|
Total number of alternative suppliers providing this same part, regardless of supplier filters. This count is not affected by supplierFilter in the parent query. |
integrator - String
|
Integrator or prime contractor information |
category - String
|
Category, which technically is a property of the transaction, but is included here for convenience. Often null. |
Example
{
"partId": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"legacyPartId": 123,
"partName": "xyz789",
"systemNameDescription": "xyz789",
"niin": "012345678",
"fsc": 2530,
"fscDescription": "Vehicle Brake Components",
"primaryNaics": 336411,
"naicsDescription": "Aircraft Manufacturing",
"ricaplael": "xyz789",
"supplierCount": 987,
"totalSupplierCount": 123,
"integrator": "xyz789",
"category": "xyz789"
}
BVGSPartData
Description
Holder for part and associated records
Fields
| Field Name | Description |
|---|---|
part - BVGSPart!
|
Information about the part |
projects - [BVGSProject!]
|
Projects associated with the part |
suppliersInfo - BVGSSupplierInfo
|
Suppliers associated with this part. If suppliers are limited in the parent query, only suppliers for those parts are displayed. |
Arguments
|
|
Example
{
"part": BVGSPart,
"projects": [BVGSProject],
"suppliersInfo": BVGSSupplierInfo
}
BVGSPartFilter
Description
Fields available by which to filter BVGS parts
Fields
| Input Field | Description |
|---|---|
partIds - [UUID!]
|
Limit output to parts with the listed part IDs. Not all parts have BV IDs. Default = null |
legacyPartIds - [Int!]
|
Identifier for the part within the BVGS data model. This will be deprecated. Default = null |
partNamesWildcard - [String!]
|
Return only parts that case-insensitively match these strings, with wildcard matching. Default = null |
niins - [String!]
|
Limit output to the listed National Item Identification Numbers (9-digit government part identifiers). Default = null |
fscCodes - [String!]
|
Limit output to the listed Federal Supply Classification codes (4-digit supply category codes). Default = null |
minSupplierCount - Int
|
Limit output to parts with supplier count in the specified range (for supply chain risk analysis). Default = null |
maxSupplierCount - Int
|
Limit output to parts with supplier count in the specified range (for supply chain risk analysis). Default = null |
ricaplaels - [String!]
|
Limit output to the listed RICA/PLAEL identifiers (government part grouping system). Default = null |
naicsCodes - [String!]
|
Limit output to the listed NAICS codes. Default = null |
keyword - String
|
Keywords to search over multiple columns. Default = null |
Example
{
"partIds": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"legacyPartIds": [123],
"partNamesWildcard": ["abc123"],
"niins": ["012345678"],
"fscCodes": ["2530"],
"minSupplierCount": 987,
"maxSupplierCount": 123,
"ricaplaels": ["xyz789"],
"naicsCodes": [336411],
"keyword": "xyz789"
}
BVGSPartInfo
Description
This is the holder for parts, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
|
totalCount - Int64!
|
Count of parts matching filter regardless of whether they fit within limit |
pageLength - Int!
|
|
parts - [BVGSPartData!]
|
List of parts for client |
Example
{
"offset": 987,
"limit": 123,
"totalCount": 123,
"pageLength": 123,
"parts": [BVGSPartData]
}
BVGSPartSortBy
Description
Holder for the part sort fields for the partInfo query
Fields
| Input Field | Description |
|---|---|
field - BVGSPartSorts!
|
|
direction - SortDirection
|
Example
{"field": "partName", "direction": "asc"}
BVGSPartSorts
Description
Fields available to sort parts by in the partInfo query; default: partName
Values
| Enum Value | Description |
|---|---|
|
|
Name of the part |
|
|
Legacy ID of the part. Will be deprecated |
|
|
National Item Identification Number (9-digit government part identifier) |
|
|
Federal Supply Classification code (4-digit supply category) |
|
|
NAICS industry classification code (6-digit) |
|
|
Number of alternative suppliers (supply chain risk metric) |
|
|
RICA/PLAEL government part grouping identifier |
Example
"partName"
BVGSProject
Description
BVGS projects collect together suppliers in a similar way to TPRM portfolios collecting entities.
Example
{
"projectId": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"legacyProjectId": 123,
"projectName": "xyz789"
}
BVGSProjectData
Description
Holder for project and associated records
Fields
| Field Name | Description |
|---|---|
project - BVGSProject!
|
Information about the project |
Example
{"project": BVGSProject}
BVGSProjectFilter
Description
Fields available by which to filter BVGS projects
Fields
| Input Field | Description |
|---|---|
projectIds - [UUID!]
|
Limit output to the listed BVGS projects. BVGS projects collect together projects in a similar way to TPRM portfolios collecting entities. BVGS Projects are entirely unrelated to the concept of project in TPRM. Default = null |
legacyProjectIds - [Int!]
|
Identifier for the project within the BVGS data model. This will be deprecated. Default = null |
projectNamesWildcard - [String!]
|
Return only projects that case-insensitively match these strings, with sql like wildcard matching. Default = null |
Example
{
"projectIds": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"legacyProjectIds": [987],
"projectNamesWildcard": ["xyz789"]
}
BVGSProjectInfo
Description
This is the holder for projects, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
|
totalCount - Int64!
|
Count of projects matching filter regardless of whether they fit within limit |
pageLength - Int!
|
|
projects - [BVGSProjectData!]
|
List of projects for client |
Example
{
"offset": 123,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"projects": [BVGSProjectData]
}
BVGSProjectSortBy
Description
Holder for the project sort fields for the projectInfo query
Fields
| Input Field | Description |
|---|---|
field - BVGSProjectSorts!
|
|
direction - SortDirection
|
Example
{"field": "projectName", "direction": "asc"}
BVGSProjectSorts
Description
Fields available to sort projects by in the projectInfo query; default: projectName
Values
| Enum Value | Description |
|---|---|
|
|
Name of the project |
|
|
Legacy ID of the project. Will be deprecated |
|
|
Example
"projectName"
BVGSRiskEventData
Fields
| Field Name | Description |
|---|---|
legacyEventId - Int64!
|
Unified identifier for this risk event Will use UUID soon |
eventUuid - UUID
|
UUID for this risk event |
supplier - BVGSSupplier
|
Information about the company affected |
publicationDate - Time
|
The date the referenced news item was published |
fullTextLink - String
|
Link to the source news item |
title - String
|
A title for this risk event |
analystNote - String
|
Our analysts' analysis as to the impact and relevance of this event |
eventExtract - String
|
An extract from the underlying news report |
newsSourceName - String
|
A name for the news source |
riskEventCategory - RiskEventCategory
|
A categorisation of the risk. One of:
Note that these are completely independent of the risk categories used to categorise TPRM findings |
riskLevel - BusinessRiskRating
|
A qualitative bucketing of risk |
goldEventId - Int
|
Identifier for the underlying news event in the BVGS gold layer. This is shared across clients and projects: the same news item flagged for two different clients will have the same goldEventId. May be null for a small number of legacy rows that never received a gold id. |
Example
{
"legacyEventId": 123,
"eventUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"supplier": BVGSSupplier,
"publicationDate": "2024-02-06T00:00:00Z",
"fullTextLink": "abc123",
"title": "xyz789",
"analystNote": "xyz789",
"eventExtract": "abc123",
"newsSourceName": "abc123",
"riskEventCategory": "Financial",
"riskLevel": "Low",
"goldEventId": 123
}
BVGSRiskEventFilter
Description
Fields available by which to filter BVGS risk events
Fields
| Input Field | Description |
|---|---|
riskEventCategories - [RiskEventCategory!]
|
Limit output to the listed categories. Default = null |
riskLevels - [BusinessRiskRating!]
|
Limit output to the listed risk levels. Default = null |
minPublicationDate - Time
|
Limit output to events dated no earlier than this. Default = null |
maxPublicationDate - Time
|
Limit output to events dated no later than this. Default = null |
text - String
|
Return only events with title or eventExtract or analystNote that case insensitively match this string. Default = null |
legacyEventIds - [Int64!]
|
Limit output to the listed legacy event IDs (will be deprecated in favor or a UUID soon). Default = null |
eventUuids - [UUID!]
|
Limit output to the listed eventUuids. Default = null |
goldEventIds - [Int!]
|
Limit output to the listed goldEventIds. Default = null |
Example
{
"riskEventCategories": ["Financial"],
"riskLevels": ["Low"],
"minPublicationDate": ["2025-04-01"],
"maxPublicationDate": ["2025-04-10"],
"text": "xyz789",
"legacyEventIds": [123],
"eventUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"goldEventIds": [123]
}
BVGSRiskEventInfo
Description
This is the holder for risk events, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
|
totalCount - Int64!
|
Count of risk events matching filter regardless of whether they fit within limit |
pageLength - Int!
|
|
riskEvents - [BVGSRiskEventData!]
|
List of risk events for client |
Example
{
"offset": 123,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"riskEvents": [BVGSRiskEventData]
}
BVGSRiskEventSortBy
Description
Holder for the risk events sort fields for the bvgsRiskEventInfo query
Fields
| Input Field | Description |
|---|---|
field - BVGSRiskEventSorts!
|
|
direction - SortDirection
|
Example
{"field": "legacyEventId", "direction": "asc"}
BVGSRiskEventSorts
Description
Fields available to sort risk events by in the bvgsRiskEventInfo query; default: legacyEventId
Values
| Enum Value | Description |
|---|---|
|
|
Unified ID assigned to each risk event |
|
|
Name of the supplier |
|
|
Date of news items |
Example
"legacyEventId"
BVGSSibMarketSpace
Description
Fields available to filter SIB investments by in the sibInvestmentInfo subquery of the supplierInfo query
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"Commodities"
BVGSSibRating
Description
Fields available to filter SIB investments by in the sibInvestmentInfo subquery of the supplierInfo query
Values
| Enum Value | Description |
|---|---|
|
|
Worst rating |
|
|
Medium rating |
|
|
Best rating |
Example
"red"
BVGSSibSupportFilter
Description
Fields associated with SIB support by which to filter BVGS suppliers
Fields
| Input Field | Description |
|---|---|
limitBySibSupport - Boolean
|
If true, only suppliers with SIB support will be returned |
sibRatings - [BVGSSibRating!]
|
Filter by SIB ratings, which are one of red/yellow/green. Default = null |
sibMarketSpaces - [BVGSSibMarketSpace!]
|
Filter by market space categoriess. Default = null |
Example
{
"limitBySibSupport": false,
"sibRatings": ["red"],
"sibMarketSpaces": ["Commodities"]
}
BVGSSupplier
Description
Suppliers are in essence a company plus location
Fields
| Field Name | Description |
|---|---|
supplierId - UUID!
|
Identifier for the supplier within the BVGS data model |
legacySupplierId - Int
|
Don't use this. It's going away. Old identifier for the supplier within the BVGS data model. Use 'supplierId' |
supplierName - String
|
The supplier name |
cageId - String
|
An identifier for the company part of a supplier, as allocated by the US govt |
dunsNumber - String
|
Dun & Bradstreet (DUNS) identifier for the company part of a supplier, as allocated by the US govt |
projects - [BVGSProject!]
|
Projects associated with the supplier |
bvidAvailable - Boolean
|
Whether this supplier has a corresponding TPRM company |
hasSLA - Boolean
|
Whether this supplier has a SLA for the current client |
isCyberMonitored - Boolean
|
Whether this supplier is under cyber monitoring by this client |
website - String
|
Website as recorded in the BVGS supplier data. If no company available, use this to supply the website |
sibMarketSpaces - [BVGSSibMarketSpace!]
|
SIB market space - only available if it exists and includeSib filter is used |
sibRating - BVGSSibRating
|
SIB rating - only available if it exists and includeSib filter is used - R/Y/G (Red/Yellow/Green) |
sibTotalInvestmentAmount - Float
|
SIB total investment amount in dollars - only available if it exists and includeSib filter is used - investment across all years |
company - CompanyFromSearchResult
|
The TPRM company part of the supplier. Note:
|
location - BVGSLocation
|
Example
{
"supplierId": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"legacySupplierId": 987,
"supplierName": "xyz789",
"cageId": "xyz789",
"dunsNumber": "abc123",
"projects": [BVGSProject],
"bvidAvailable": false,
"hasSLA": true,
"isCyberMonitored": false,
"website": "abc123",
"sibMarketSpaces": ["Commodities"],
"sibRating": "red",
"sibTotalInvestmentAmount": 987.65,
"company": Company,
"location": BVGSLocation
}
BVGSSupplierAssemblyNetworkInfo
Description
This is the holder for supplier assemblies, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
|
totalCount - Int64!
|
Count of assemblies matching filter regardless of whether they fit within limit |
pageLength - Int!
|
|
assemblies - [BVGSAssembly!]
|
List of neighbor assemblies (identified by RICAPL AEL) |
Example
{
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"assemblies": [BVGSAssembly]
}
BVGSSupplierComponentNetworkInfo
Description
This is the holder for supplier components, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
|
totalCount - Int64!
|
Count of components matching filter regardless of whether they fit within limit |
pageLength - Int!
|
|
components - [BVGSComponent!]
|
List of neighbor components |
Example
{
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 987,
"components": [BVGSComponent]
}
BVGSSupplierData
Description
Holder for supplier and associated records
Fields
| Field Name | Description |
|---|---|
supplier - BVGSSupplier!
|
Information about the supplier |
transactionInfo - BVGSSupplierTransactionInfo
|
Transactions (contracts, subawards, etc.) associated with supplier. If projects are limited in the parent query, only transactions for those projects are displayed. |
Arguments
|
|
riskEventInfo - BVGSRiskEventInfo
|
Risk events associated with supplier. If projects are limited in the parent query, only risk events for suppliers with those projects are displayed. |
Arguments
|
|
sibInvestmentInfo - BVGSSupplierSibInvestmentInfo
|
SIB investments associated with supplier. If projects are limited in the parent query, only investments for suppliers with those projects are displayed. |
Arguments
|
|
sibInvestmentByYear - [BVGSSupplierSibInvestmentSummary!]
|
SIB investments and/or ratings for supplier by year, in order by year |
partsInfo - BVGSPartInfo
|
Parts/products associated with supplier. If projects are limited in the parent query, only parts for those projects are displayed. |
Arguments
|
|
upstreamSuppliers - BVGSSupplierNetworkInfo
|
Subtier suppliers (upstream) for this supplier. Note: These data are not available for all clients. |
downstreamSuppliers - BVGSSupplierNetworkInfo
|
Downstream suppliers for this supplier. Note: These data are not available for all clients. |
upstreamAssemblies - BVGSSupplierAssemblyNetworkInfo
|
Upstream assemblies for this supplier. Note: These data are not available for all clients. |
downstreamAssemblies - BVGSSupplierAssemblyNetworkInfo
|
Downstream assemblies for this supplier. Note: These data are not available for all clients. |
upstreamComponents - BVGSSupplierComponentNetworkInfo
|
Upstream components for this supplier. Note: These data are not available for all clients. |
Example
{
"supplier": BVGSSupplier,
"transactionInfo": BVGSSupplierTransactionInfo,
"riskEventInfo": BVGSRiskEventInfo,
"sibInvestmentInfo": BVGSSupplierSibInvestmentInfo,
"sibInvestmentByYear": [
BVGSSupplierSibInvestmentSummary
],
"partsInfo": BVGSPartInfo,
"upstreamSuppliers": BVGSSupplierNetworkInfo,
"downstreamSuppliers": BVGSSupplierNetworkInfo,
"upstreamAssemblies": BVGSSupplierAssemblyNetworkInfo,
"downstreamAssemblies": BVGSSupplierAssemblyNetworkInfo,
"upstreamComponents": BVGSSupplierComponentNetworkInfo
}
BVGSSupplierFilter
Description
Fields available by which to filter BVGS suppliers
Fields
| Input Field | Description |
|---|---|
projectIds - [UUID!]
|
Limit output to suppliers for the listed BVGS projects. BVGS projects collect together suppliers in a similar way to TPRM portfolios collecting entities. BVGS Projects are entirely unrelated to the concept of project in TPRM. Default = null |
bvids - [UUID!]
|
Limit output to suppliers with the listed BV IDs. Default = null |
bvidAvailable - Boolean
|
Limit output to suppliers with an associated BV ID. Default = null |
cyberMonitored - Boolean
|
Limit output to suppliers under cyber-monitoring by this client. Default = null |
supplierIds - [UUID!]
|
Limit output to suppliers with the listed supplier IDs. Not all suppliers have BV IDs. Default = null |
legacySupplierIds - [Int!]
|
Identifier for the supplier within the BVGS data model. This will be deprecated. Default = null |
supplierNamesWildcard - [String!]
|
Return only suppliers that case-insensitively match these strings, with wildcard matching. Default = null |
dunsNumbers - [String!]
|
Limit output to the listed DUNS numbers. Default = null |
cageIds - [String!]
|
Limit output to the listed cage IDs, matched exactly but case-insensitively. Default = null |
text - String
|
Return only suppliers with name, cageId, city, stateName, supplierId, legacySupplierId that case insensitively match this string. Default = null |
includeSibSupport - Boolean
|
Include SIB support fields. Does not limit to suppliers with these fields, but includes the fields if available. |
hasSLA - Boolean
|
Currently: Does nothing. Eventually:Limit output to suppliers based on whether they have an SLA for the current client. Default = null |
Example
{
"projectIds": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"bvids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"bvidAvailable": false,
"cyberMonitored": false,
"supplierIds": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"legacySupplierIds": [987],
"supplierNamesWildcard": ["xyz789"],
"dunsNumbers": ["136108342"],
"cageIds": ["8X691"],
"text": "xyz789",
"includeSibSupport": true,
"hasSLA": true
}
BVGSSupplierInfo
Description
This is the holder for suppliers, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
|
totalCount - Int64!
|
Count of suppliers matching filter regardless of whether they fit within limit |
pageLength - Int!
|
|
suppliers - [BVGSSupplierData!]
|
List of suppliers for client |
Example
{
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 987,
"suppliers": [BVGSSupplierData]
}
BVGSSupplierNetworkInfo
Description
This is the holder for supplier neighbors, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
|
totalCount - Int64!
|
Count of suppliers matching filter regardless of whether they fit within limit |
pageLength - Int!
|
|
suppliers - [BVGSSupplier!]
|
List of neighbor suppliers |
Example
{
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 987,
"suppliers": [BVGSSupplier]
}
BVGSSupplierSibInvestment
Description
SIB investments associated with a supplier
Example
{
"clin": 123,
"fiscalYear": 123,
"description": "xyz789",
"amount": 123
}
BVGSSupplierSibInvestmentFilter
Description
Fields available by which to filter BVGS SIB investments within a supplier
Fields
| Input Field | Description |
|---|---|
descriptionsWildcard - [String!]
|
Filter by descriptions. Default = null |
Example
{"descriptionsWildcard": ["xyz789"]}
BVGSSupplierSibInvestmentInfo
Description
This is the holder for supplier SIB investments, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int64!
|
Count of investments matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of investments returned |
investments - [BVGSSupplierSibInvestment!]
|
List of investments for supplier |
Example
{
"offset": 987,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"investments": [BVGSSupplierSibInvestment]
}
BVGSSupplierSibInvestmentSortBy
Description
Holder for the SIB investment sort fields for the sibInvestmentInfo subquery of the supplierInfo query
Fields
| Input Field | Description |
|---|---|
field - BVGSSupplierSibInvestmentSorts!
|
|
direction - SortDirection
|
Example
{"field": "fiscalYear", "direction": "asc"}
BVGSSupplierSibInvestmentSorts
Description
Fields available to sort SIB investments by in the sibInvestmentInfo subquery of the supplierInfo query. Default sort is fiscalYear DESC, description ASC.
Values
| Enum Value | Description |
|---|---|
|
|
Fiscal year of investment |
|
|
Amount of investment in dollars |
|
|
Investment description, sorted case-insensitively |
Example
"fiscalYear"
BVGSSupplierSibInvestmentSummary
Description
SIB investment info by year
Fields
| Field Name | Description |
|---|---|
fiscalYear - Int!
|
Fiscal year of investment |
amount - Int64
|
Amount of investment in dollars for year |
sibRating - BVGSSibRating
|
SIB rating for year |
Example
{"fiscalYear": 987, "amount": 123, "sibRating": "red"}
BVGSSupplierSortBy
Description
Holder for the supplier sort fields for the supplierInfo query
Fields
| Input Field | Description |
|---|---|
field - BVGSSupplierSorts!
|
|
direction - SortDirection
|
Example
{"field": "supplierName", "direction": "asc"}
BVGSSupplierSorts
Description
Fields available to sort suppliers by in the supplierInfo query; default: supplierName
Values
| Enum Value | Description |
|---|---|
|
|
Name of the supplier |
|
|
Legacy ID of the supplier. Will be deprecated |
|
|
By highest risk level of any risk event associated with supplier. Can be used only if hasRiskEvents is true, or a riskEventFilter value is provided. |
|
|
By last publication date of any risk event associated with supplier. Can be used only if hasRiskEvents is true, or a riskEventFilter value is provided. |
|
|
By SIB total investment amount associated with supplier. Can be used only if limitBySibSupport is true, or a sibSupportFilter value is provided. |
Example
"supplierName"
BVGSSupplierTransaction
Description
Transactions associated with a supplier, like contracts, subawards, logistics, research, etc.
Fields
| Field Name | Description |
|---|---|
project - BVGSProject!
|
BVGS project associated with the transaction |
category - String
|
Optional category for the transaction |
description - String!
|
Transaction description |
source - String
|
Source of the transaction, e.g. contracts |
Example
{
"project": BVGSProject,
"category": "abc123",
"description": "abc123",
"source": "xyz789"
}
BVGSSupplierTransactionInfo
Description
This is the holder for supplier transactions, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
|
totalCount - Int64!
|
Count of transactions matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of transactions returned |
transactions - [BVGSSupplierTransaction!]
|
List of transactions for supplier |
Example
{
"offset": 987,
"limit": 123,
"totalCount": 123,
"pageLength": 123,
"transactions": [BVGSSupplierTransaction]
}
BVGSSupplierTransactionSortBy
Description
Holder for the transaction sort fields for the transactionInfo subquery of the supplierInfo query
Fields
| Input Field | Description |
|---|---|
field - BVGSSupplierTransactionSorts!
|
|
direction - SortDirection
|
Example
{"field": "projectName", "direction": "asc"}
BVGSSupplierTransactionSorts
Description
Fields available to sort transactions by in the transactionInfo subquery of the supplierInfo query
Values
| Enum Value | Description |
|---|---|
|
|
BVGS project name |
|
|
Category of the transaction |
|
|
Description of the transaction |
Example
"projectName"
BVGSTransactionFilter
Description
Fields available by which to filter BVGS transactions within a supplier
Fields
| Input Field | Description |
|---|---|
projectIds - [UUID!]
|
Limit output to transactions for the listed BVGS projects. BVGS projects collect together suppliers in a similar way to TPRM portfolios collecting entities. BVGS Projects are entirely unrelated to the concept of project in TPRM. Default = null |
Example
{
"projectIds": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
]
}
BannerBusterInsight
Description
Insight indicating that a product was detected on an IP address/port in a monitored company's footprint
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The unique BlueVoyant identifier (BV ID) of the company associated with this insight |
ip - String!
|
The IP address on which a product was detected |
port - Int!
|
The port on which a product was detected |
subdomain - String
|
The hostname associated with the IP address |
swVersion - String
|
Software version |
swPackage - String
|
Other software version-related information |
deviceVersion - String
|
The version of the (hardware) device |
deviceName - String
|
The name of the device |
httpTitle - String
|
Web page title |
authType - String
|
The type of authentication detected |
httpHeaderServer - String
|
HTTP server information. |
lastObservedTS - Time!
|
The last time this specific insight was observed. |
findingCode - Int64!
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
category - String
|
The category associated with the product |
vendor - String
|
Name of the vendor providing the product |
product - String
|
The product detected |
updatedTS - Time!
|
The time the insight was last updated |
company - CompanyByService
|
Company associated with the insight |
mfaType - String
|
Use 'authType' instead |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"ip": "xyz789",
"port": 987,
"subdomain": "xyz789",
"swVersion": "xyz789",
"swPackage": "abc123",
"deviceVersion": "xyz789",
"deviceName": "abc123",
"httpTitle": "abc123",
"authType": "xyz789",
"httpHeaderServer": "xyz789",
"lastObservedTS": "2024-02-06T20:24:21Z",
"findingCode": 123,
"category": "abc123",
"vendor": "xyz789",
"product": "abc123",
"updatedTS": "2024-02-06T20:24:21Z",
"company": Company,
"mfaType": "xyz789"
}
BannerBusterInsightsInfo
Fields
| Field Name | Description |
|---|---|
bannerBusterInsights - [BannerBusterInsight!]
|
A list of all the returned banner buster insights. |
totalCount - Int64!
|
The total number of objects that fit the filter given regardless of limit. |
pageLength - Int!
|
The total amount of objects returned to user. Between zero and the limit provided. |
Example
{
"bannerBusterInsights": [BannerBusterInsight],
"totalCount": 123,
"pageLength": 987
}
BannerBusterSort
Values
| Enum Value | Description |
|---|---|
|
|
The category associated with the product |
|
|
The category associated with the product |
|
|
The product detected |
|
|
The time the insight was last updated (process date) |
|
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
|
|
The unique BlueVoyant identifier (BV ID) of the company associated with this insight |
|
|
Primary name of the company |
|
|
Name of the portfolio containing the company |
|
|
The last time this specific insight was observed or validated |
Example
"category"
BannerBusterSortBy
Fields
| Input Field | Description |
|---|---|
field - BannerBusterSort!
|
Field by which to sort vendors. Default = updatedTS |
direction - SortDirection
|
Direction in which to sort vendors (asc/desc). Default = asc |
Example
{"field": "category", "direction": "asc"}
Boolean
Description
The Boolean scalar type represents true or false.
Example
true
Box
Example
{"boxLat1": 987.65, "boxLng1": 123.45, "boxLat2": 123.45, "boxLng2": 987.65}
BusinessRiskFilter
Description
** Experimental **
Fields
| Input Field | Description |
|---|---|
bvids - [UUID!]
|
The BV ID is the unique identifier for a company. If specified, results will be limited to companies with bvids listed here. If not specified, all companies selected for business risk for this client, with events with dates in the time range specified in the insightsInfo filter, matching any provided portfolioUuids and attributes, will be used. ** TO BE DEPRECATED ** This field will eventually go away, but for now any BV IDs supplied here will be appended to those in the bvids field in PortfolioAttributeFilter. |
eventIds - [Int64!]
|
The ID associated with this specific business risk event. |
riskRatings - [BusinessRiskRating!]
|
risk rating - Low/Medium/High |
categories - [String!]
|
categories of risk - not yet firmed up to be an enum |
Example
{
"bvids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"eventIds": [123],
"riskRatings": ["Low"],
"categories": ["xyz789"]
}
BusinessRiskInsight
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The BV ID is the unique identifier for the company. |
eventId - Int64!
|
The ID associated with this specific business risk event. |
city - String
|
City in which the HQ of the affected entity is located. |
state - String
|
State in which the HQ of the affected entity is located. |
country - String
|
Country in which the HQ of the affected entity is located. |
address - String
|
The address at which the HQ of the affected entity is located. |
eventSummary - String
|
Summary encompassing what happened in this business risk event. |
eventTitle - String
|
A title for this event |
newsSource - String
|
Information about the source of information |
category - String
|
The category of risk this event correlated to. (Financial, Foreign Influence, Governance, etc) |
riskRating - BusinessRiskRating
|
The severity rating of this specific event. (Low/Medium/High) |
url - String
|
Full link to where this data was gathered from. |
analystNote - String
|
An analyst's note indicating why this record is relevant. |
date - String!
|
The date on which the business risk event was recorded. Will look like: "2023-07-18" |
company - CompanyByService
|
The company affected by this event |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"eventId": 123,
"city": "abc123",
"state": "xyz789",
"country": "xyz789",
"address": "xyz789",
"eventSummary": "abc123",
"eventTitle": "xyz789",
"newsSource": "xyz789",
"category": "abc123",
"riskRating": "Low",
"url": "abc123",
"analystNote": "xyz789",
"date": "2024-02-06",
"company": Company
}
BusinessRiskInsightInfo
Description
Some business risk insights and information about the set of results
Fields
| Field Name | Description |
|---|---|
businessRiskInsights - [BusinessRiskInsight!]
|
The set of results depending on the offset/limit/filter and anything else selected |
totalCount - Int64!
|
The total count of what you could get based on current filters if you weren't limiting or setting the offset |
Example
{
"businessRiskInsights": [BusinessRiskInsight],
"totalCount": 123
}
BusinessRiskRating
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"Low"
BusinessRiskSort
Description
Fields available to sort risk events by in the insightsInfo (businessRisk) query
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"date"
BusinessRiskSortBy
Fields
| Input Field | Description |
|---|---|
field - BusinessRiskSort!
|
Field by which to sort business risks. Default = date |
direction - SortDirection
|
Direction in which to sort policy permissions (asc/desc). Default = asc |
Example
{"field": "date", "direction": "asc"}
CISAKEVCVE
Description
CVEs that include a KEV list flag and the confidence rating
Fields
| Field Name | Description |
|---|---|
findingCode - Int!
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
findingHash - String!
|
An ID of int64 type that is unique for a BV ID, variant, and finding code |
ip - String!
|
The IP address of the entity. |
port - Int!
|
The port used by the entity. |
latestObservation - String!
|
The last time this specific entity was observed. |
cpeId - String!
|
ID of CPE associated with entity |
cveId - String!
|
ID of CVE associated with entity |
dateAdded - String!
|
Date entity was added to kev |
confidence - String!
|
Confidence rating |
updatedTS - String!
|
Timestamp when last updated |
Example
{
"findingCode": 123,
"findingHash": 9039052908188215000,
"ip": "xyz789",
"port": 987,
"latestObservation": "abc123",
"cpeId": "abc123",
"cveId": "xyz789",
"dateAdded": "xyz789",
"confidence": "xyz789",
"updatedTS": "abc123"
}
CPECVE
Description
CPE and CVEs known to be associated with the specified finding
Example
{
"findingHash": 9039052908188215000,
"cpeId": "xyz789",
"cves": ["abc123"]
}
CPECVEFilter
CPEFamily
Description
CPE families
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"windows"
CPEType
Description
CPE types
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"os_desktop"
CVE
Description
CVE type is used to hold the metadata associated to a CVE ID
Fields
| Field Name | Description |
|---|---|
cveId - String!
|
The actual CVE ID; For example: CVE-2014-12345 |
description - String
|
Description of the CVE, as pulled down via ETL from Directus |
score - Float
|
Score value, as pulled down via ETL from Directus |
nistUrl - String!
|
The NIST URL for a given CVE ID; For example: https://nvd.nist.gov/vuln/detail/CVE-2024-21762 |
Example
{
"cveId": "xyz789",
"description": "xyz789",
"score": 123.45,
"nistUrl": "abc123"
}
CVEAsset
CVEAssetSort
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"cpe"
CVEAssetSortBy
Fields
| Input Field | Description |
|---|---|
field - CVEAssetSort!
|
Field by which to sort items. Default = port |
direction - SortDirection
|
Direction in which to sort items (asc/desc). Note that when sorting desc nulls come first. Default = asc |
Example
{"field": "cpe", "direction": "asc"}
CVEAssetsExposedInfo
Description
Wraps a list of CVEAssets.
Note that CVECompany.cveAssetsExposedCount provides the totalCount you might expect here.
Fields
| Field Name | Description |
|---|---|
cveAssets - [CVEAsset!]
|
|
pageLength - Int
|
length of cveAssets |
Example
{"cveAssets": [CVEAsset], "pageLength": 987}
CVECatalogDetailGeneric
Description
Generic, non-client-specific information about CVEs known to BV
Fields
| Field Name | Description |
|---|---|
cveId - String
|
The CVE ID (see https://nvd.nist.gov/vuln) |
onKevList - Boolean
|
|
addedToKevTS - Time
|
when sorting desc nulls come first. This field is null for everything not on the kev (Known Exploited Vulnerability) list |
cvePublishedTS - Time
|
|
cvssv3Score - Float
|
|
cvssv3Severity - RiskLevel
|
A categorical description of how severe the cve is |
Example
{
"cveId": "abc123",
"onKevList": true,
"addedToKevTS": "-",
"cvePublishedTS": "-",
"cvssv3Score": 987.65,
"cvssv3Severity": "low"
}
CVECatalogDetailRollup
Description
Aggregate counts of how cves affect the client's portfolio
Fields
| Field Name | Description |
|---|---|
clientUUID - UUID
|
|
cveId - String
|
The CVE ID (see https://nvd.nist.gov/vuln) |
findingCodes - [Int64!]
|
The finding codes rolled up in a result |
cpeCount - Int64
|
Number of cpes detected for this cve in the client portfolio |
companyCount - Int64
|
Number of companies detected for this cve in the client portfolio |
confidence - ConfidenceLevel
|
Low, medium, high |
onKevList - Boolean
|
|
addedToKevTS - Time
|
when sorting desc nulls come first. This field is null for everything not on the kev (Known Exploited Vulnerability) list |
cvePublishedTS - Time
|
|
cvssv3Score - Float
|
|
cvssv3Severity - RiskLevel
|
A categorical description of how severe the cve is |
lastObservedTS - Time
|
Latest observation for any company in this filtered set |
ipCount - Int64
|
Number of ips affected by this cve for companies in the client portfolio |
portCount - Int64
|
Number of ports affected by this cve for companies in the client portfolio |
observationCount - Int64
|
Number of observations of this cve for comapanies in the client portfolio |
updatedTS - Time
|
Example
{
"clientUUID": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"cveId": "abc123",
"findingCodes": [123],
"cpeCount": 123,
"companyCount": 123,
"confidence": "low",
"onKevList": true,
"addedToKevTS": "-",
"cvePublishedTS": "-",
"cvssv3Score": 123.45,
"cvssv3Severity": "low",
"lastObservedTS": "-",
"ipCount": 123,
"portCount": 123,
"observationCount": 123,
"updatedTS": "-"
}
CVECatalogGenericInfo
Fields
| Field Name | Description |
|---|---|
cveCatalogDetails - [CVECatalogDetailGeneric!]
|
|
totalCount - Int64!
|
Total number available with the current set of filters ignoring limits and offsets |
pageLength - Int!
|
length of cveCatalogDetails |
Example
{
"cveCatalogDetails": [CVECatalogDetailGeneric],
"totalCount": 123,
"pageLength": 123
}
CVECatalogGenericSortBy
Fields
| Input Field | Description |
|---|---|
field - CVECatalogSort!
|
Field by which to sort items. Default = cveId |
direction - SortDirection
|
Direction in which to sort items (asc/desc). Note that when sorting desc nulls come first. Default = asc |
Example
{"field": "cveId", "direction": "asc"}
CVECatalogRollupFilter
Fields
| Input Field | Description |
|---|---|
cves - [String!]
|
The cves to return |
severities - [RiskLevel!]
|
The severities of interest. |
confidence - [ConfidenceLevel!]
|
Confidence levels |
onKevList - Boolean
|
Select items on or not on kev list. Null to have no restriction |
Example
{
"cves": ["abc123"],
"severities": ["low"],
"confidence": ["low"],
"onKevList": false
}
CVECatalogRollupInfo
Description
Wrapper for a list of CVECatalogDetailRollups
Fields
| Field Name | Description |
|---|---|
cveCatalogDetails - [CVECatalogDetailRollup!]
|
|
totalCount - Int64
|
Total number available with the current set of filters ignoring limits and offsets |
pageLength - Int
|
length of cveCatalogDetails |
Example
{
"cveCatalogDetails": [CVECatalogDetailRollup],
"totalCount": 123,
"pageLength": 987
}
CVECatalogSort
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"cveId"
CVECatalogSortBy
Fields
| Input Field | Description |
|---|---|
field - CVECatalogSort!
|
Field by which to sort items. Default = cveId |
direction - SortDirection
|
Direction in which to sort items (asc/desc). Note that when sorting desc nulls come first. Default = asc |
Example
{"field": "cveId", "direction": "asc"}
CVECompany
Description
Company information from the cveCompanyInfo query.
More limited (at least presently) than the companyInfo query data
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The BV ID, the unique identifier for the company |
primaryName - String
|
Primary name of the company |
primaryDomain - String
|
Primary domain associated with the company |
clientEntityData - [ClientEntityData!]
|
clientEntityIds WITHOUT their associated info. A clientEntityId is an identifier allocated by the client for a company (entity). A clientEntityId can only be assigned to one company in all of the client's portfolios. |
attributes - [String!]
|
Client-provided attributes or tags that can be associated with one or more companies, used for filtering or grouping companies |
clientEntityIds - [String!]
|
clientEntityIds are case-insensitive identifiers allocated by the client for a company (entity). Typically you would use them to store your internal company identifiers (or a surrogate therefore) in our system. A clientEntityId can only be assigned to one company in all of the client's portfolios. |
industryDescription - String
|
This will always be empty Use 'firmographicFields -> industryDescription' |
firmographicFields - FirmographicData
|
These will always be blank |
portfolios - [Portfolio!]
|
|
cveId - String
|
|
cveAssetsExposedCount - Int
|
|
cveLastObservedTS - Time
|
|
cveFindingHash - Int64
|
Use cveFindingHashString |
cveFindingHashString - String
|
|
cveFindingSummary - String
|
|
cveAssetsExposed - CVEAssetsExposedInfo
|
|
Arguments |
|
serviceAttributes - [ServiceAttribute!]
|
Service attributes/licenses the company has |
companyLogo - CompanyLogo
|
The company's primary domain's logo encoded in base64. |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "abc123",
"primaryDomain": "abc123",
"clientEntityData": [ClientEntityData],
"attributes": ["xyz789"],
"clientEntityIds": ["xyz789"],
"industryDescription": "xyz789",
"firmographicFields": FirmographicData,
"portfolios": [Portfolio],
"cveId": "xyz789",
"cveAssetsExposedCount": 123,
"cveLastObservedTS": "-",
"cveFindingHash": 123,
"cveFindingHashString": "xyz789",
"cveFindingSummary": "xyz789",
"cveAssetsExposed": CVEAssetsExposedInfo,
"serviceAttributes": [ServiceAttribute],
"companyLogo": CompanyLogo
}
CVECompanyFilter
Fields
| Input Field | Description |
|---|---|
cves - [String!]
|
Cves for which to get data. Default = null |
bvids - [UUID!]
|
The BV ID is the unique identifier for the company. Default = null |
portfolioUuids - [UUID!]
|
|
attributes - [String]
|
Search on attributes is case-sensitive and exact. Supply an empty string as a value to match companies with no attributes. Default = null |
clientEntityIds - [String]
|
A clientEntityId is an identifier allocated by the client for a company (entity). A clientEntityId is unique case-insensitively across all companies in the client's portfolios. This field is for exact, case-sensitive matches only. Default = null |
primaryNames - [String!]
|
Filter by primary name of company with substring matching. Default = null |
sortBy - [CVECompanySortBy]
|
Example
{
"cves": ["abc123"],
"bvids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"attributes": ["xyz789"],
"clientEntityIds": ["abc123"],
"primaryNames": ["abc123"],
"sortBy": [CVECompanySortBy]
}
CVECompanyInfo
Description
Wrapper for list of CVECompany objects
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int64!
|
Count of companies matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of companies returned |
companies - [CVECompany!]
|
Companies in the client's portfolios |
Example
{
"offset": 123,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"companies": [CVECompany]
}
CVECompanySortBy
Fields
| Input Field | Description |
|---|---|
field - CVECompanySorts!
|
|
direction - SortDirection
|
Example
{"field": "primaryName", "direction": "asc"}
CVECompanySorts
Description
Fields available by which to sort companies; default: primaryName/asc
Values
| Enum Value | Description |
|---|---|
|
|
Primary name of the company |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"primaryName"
Case
Description
ServiceNOW case information associated with the specified finding.
A case is the escalation/workflow wrapper that BlueVoyant (and the third party) use to track and remediate a finding; it is a separate lifecycle from the finding itself. A case is opened when a finding is escalated, and is resolved (active becomes false, firstResolvedTS is set) when the workflow concludes — for example the issue is fixed, the risk is accepted, or an analyst closes it. Because the two lifecycles are independent, a case can be resolved while the underlying finding is still open (the issue is still being observed in scans), and a finding can close on its own — when the issue stops being observed — regardless of whether its case is still active. Use Finding.findingStatus for whether the issue is open/closed, and the fields on this type for where the case sits in the remediation workflow.
Fields
| Field Name | Description |
|---|---|
caseNumber - String!
|
Identifier for the case |
active - Boolean
|
Whether the case is currently active (open). This reflects the escalation/workflow lifecycle, not whether the underlying finding is open or closed: a case can be resolved (active = false) while its finding is still open because the issue is still observed. See Finding.findingStatus for the open/closed status of the issue itself. |
firstEscalatedTS - String
|
First escalated timestamp on the finding's case |
lastEscalatedTS - String
|
Last escalated timestamp on the finding's case |
automatedFollowUpCount - Int
|
Number of automated follow-ups on the finding's case |
daysSinceFirstEscalated - Int
|
Number of days since the finding's case was first escalated |
firstResolvedTS - String
|
First resolved timestamp on the finding's case |
durationTimeToResolve - ISODuration
|
Time from escalated to resolved as ISO 8601 duration format |
emailsSent - Int
|
Number of emails sent |
escalationStatus - FindingEscalationStatus
|
Escalation status of this case |
thirdPartyAcknowledgedTS - String
|
Third-party acknowledged timestamp on the finding's case, if thirdPartyAcknowledged is true |
thirdPartyAcknowledged - Boolean
|
Whether third party has acknowledged communications |
Example
{
"caseNumber": "3PR0123456",
"active": false,
"firstEscalatedTS": "2022-11-30T21:15:13Z",
"lastEscalatedTS": "2022-12-01T19:10:10Z",
"automatedFollowUpCount": 123,
"daysSinceFirstEscalated": 987,
"firstResolvedTS": "2022-12-15T20:25:23Z",
"durationTimeToResolve": "PT25H10M02S",
"emailsSent": 123,
"escalationStatus": "Pending",
"thirdPartyAcknowledgedTS": "2022-11-30T21:15:13Z",
"thirdPartyAcknowledged": false
}
CaseHistoryFilter
Description
Filter used by the caseHistoryInfo query.
Fields
| Input Field | Description |
|---|---|
portfolioUuids - [UUID!]
|
Unique identifiers for portfolios. Default = null |
attributes - [String!]
|
Attributes associated with this company. Default = null |
bvids - [String!]
|
The unique identifier for an entity. Default = null |
findingCodes - [Int64!]
|
A small description of the specific finding. Default = null |
caseNumbers - [String!]
|
The identifying number of the case. Default = null |
escalationStatuses - [FindingEscalationStatus!]
|
The current state of the case. |
escalatedOrResolvedStartDate - Time
|
The earliest you want a case with an escalated or resolved time. If just the date is provided for both the start and end date (e.g. '2025-03-31' or '2025-03-31T00:00:00Z' (i.e. hours, minutes, seconds and time zone offset are all zero or have not been provided), then the start date will start at the beginning of the day in UTC. If time zones other than UTC are used, values will be converted to UTC and the time format, rather the full date format, will be used. |
escalatedOrResolvedEndDate - Time
|
The latest you want a case with an escalated or resolved time. If just the date is provided for both the start and end date (e.g. '2025-03-31' or '2025-03-31T00:00:00Z' (i.e. hours, minutes, seconds and time zone offset are all zero or have not been provided), then the end date will end at the beginning of the day in UTC (e.g. '2025-03-31T23:59:59Z'). If time zones other than UTC are used, values will be converted to UTC and the time format, rather the full date format, will be used. |
isEscalated - Boolean
|
If set to true then all returned objects have to have a escalation timestamp; if false, they do not. |
caseHistoryPeriod - [CaseHistoryPeriod!]
|
Allows you to filter on a time period on a specific timestamp column. |
active - Boolean
|
If true will only return active cases, else if false then will return only inactive cases. |
sortBy - [CaseHistorySortBy!]
|
The field(s) you would like to sort on. |
Example
{
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"attributes": ["abc123"],
"bvids": ["abc123"],
"findingCodes": [123],
"caseNumbers": ["xyz789"],
"escalationStatuses": ["Pending"],
"escalatedOrResolvedStartDate": "2024-02-06T20:24:21Z",
"escalatedOrResolvedEndDate": "2024-02-06T21:37:02Z",
"isEscalated": true,
"caseHistoryPeriod": [CaseHistoryPeriod],
"active": true,
"sortBy": [CaseHistorySortBy]
}
CaseHistoryInfo
Description
Object returned by the caseHistoryInfo query.
Fields
| Field Name | Description |
|---|---|
totalCount - Int64!
|
Total amount of cases regardless of provided filters |
pageLength - Int!
|
Total amount of cases returned in this query |
meanTimeToResolve - Float
|
Mean resolution time for all cases returned in query with a resolution time in seconds. |
meanDurationActiveEscalated - Float
|
The average amount of time active cases have been escalated in seconds. |
cases - [CaseWithCompany!]
|
An array of the cases. |
Example
{
"totalCount": 123,
"pageLength": 123,
"meanTimeToResolve": 987.65,
"meanDurationActiveEscalated": 987.65,
"cases": [CaseWithCompany]
}
CaseHistoryPeriod
Description
Used by caseHistoryPeriod in the CaseHistoryFilter filter
Fields
| Input Field | Description |
|---|---|
field - CaseHistoryPeriods
|
The timestamp column to filter on. Required. |
startDate - Time
|
The start of the time period filter. If just the date is provided for both the start and end date (e.g. '2025-03-31' or '2025-03-31T00:00:00Z' (i.e. hours, minutes, seconds and time zone offset are all zero or have not been provided), then the end date will end at the beginning of the day in UTC (e.g. '2025-03-31T23:59:59Z'). If time zones other than UTC are used, values will be converted to UTC and the time format, rather the full date format, will be used. |
endDate - Time
|
The end of the time period filter. If just the date is provided for both the start and end date (e.g. '2025-03-31' or '2025-03-31T00:00:00Z' (i.e. hours, minutes, seconds and time zone offset are all zero or have not been provided), then the end date will end at the beginning of the day in UTC (e.g. '2025-03-31T23:59:59Z'). If time zones other than UTC are used, values will be converted to UTC and the time format, rather the full date format, will be used. |
Example
{
"field": "firstEscalatedTS",
"startDate": "2024-02-06T20:24:21Z",
"endDate": "2024-02-06T21:37:02Z"
}
CaseHistoryPeriods
Description
Allowed values for field in the CaseHistoryPeriod filter
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"firstEscalatedTS"
CaseHistorySortBy
Fields
| Input Field | Description |
|---|---|
field - CaseHistorySorts!
|
|
direction - SortDirection
|
Example
{"field": "caseNumber", "direction": "asc"}
CaseHistorySorts
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"caseNumber"
CaseStatistics
Description
All case statistics that can be returned by a caseStatistics query
Fields
| Field Name | Description |
|---|---|
cases - Int
|
Specify resolved{Start,End}Date in the caseStatistics query to get the number of cases resolved in the period. |
findings - Int
|
Specify resolved{Start,End}Date in the caseStatistics query to get the number of distinct findings resolved in the period. |
companies - Int
|
Specify resolved{Start,End}Date in the caseStatistics query to get the number of distinct companies with a resolved case in the period. |
meanDaysToResolve - Float
|
Specify resolved{Start,End}Date in the caseStatistics query to get the mean days to resolve for all cases that resolved in the period. Specify no dates to get the mean days to resolve for all resolved cases |
escalatedFindingTypes - [EscalatedFindingCount!]
|
Specify resolved{Start,End}Date in the caseStatistics query to get the finding types escalated in the period. Specify no dates in the caseStatistics query to get current results It would be cool if we didn't group by keys not requested, but we don't. Users may need to group the output here further if less granularity is needed. |
companyCasesCounts - [CompanyStatistic!]
|
The cases count, broken down by company |
Arguments
|
|
Example
{
"cases": 123,
"findings": 987,
"companies": 987,
"meanDaysToResolve": 123.45,
"escalatedFindingTypes": [EscalatedFindingCount],
"companyCasesCounts": [CompanyStatistic]
}
CaseWithCompany
Fields
| Field Name | Description |
|---|---|
caseNumber - String!
|
The identifying case number of this case. |
findingCode - Int64
|
Finding code is an integer that represents the specific type of a finding. Finding code 0 indicates the overall company score. See the dictionary query and the DataDictionary type. |
findingHash - String
|
An ID of int64 type that is unique for a BV ID, variant, and finding code |
findingSummary - String
|
A small description of the finding related to the case. |
primaryName - String
|
The company name. |
bvid - UUID
|
The unique BlueVoyant identifier (BV ID) of the company. A standard field. |
portfolioNames - [String!]
|
A list of names of portfolios this case is in. |
attributes - [String!]
|
A list of attributes associated with the company. |
firstEscalatedTS - Time
|
When this case was first escalated if it was escalated. |
firstResolvedTS - Time
|
When this case was resolved if it was resolved. |
durationTimeToResolveSeconds - Int
|
The duration of time in seconds it took to resolve this case. |
durationActiveEscalated - Int
|
The amount of time in seconds since the case has been escalated only if the case is both active and escalated. |
escalationStatus - FindingEscalationStatus
|
The current escalated status for this case. All possible values: Pending, Overdue, In Dispute, Escalation, Resolved, Unset, Resolved Not Escalated, Risk Accepted, Waiting for Third Party Response, In Review, Escalated to Client |
active - Boolean!
|
The overall status of the case (open/active or closed), regardless of escalation status. This is the case's workflow lifecycle, not the underlying finding's open/closed status: a case can be resolved (closed) while its finding is still open because the issue is still observed. See Finding.findingStatus for the open/closed status of the issue itself. |
Example
{
"caseNumber": "abc123",
"findingCode": 10001,
"findingHash": "xyz789",
"findingSummary": "xyz789",
"primaryName": "xyz789",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"portfolioNames": ["abc123"],
"attributes": ["xyz789"],
"firstEscalatedTS": "-",
"firstResolvedTS": "-",
"durationTimeToResolveSeconds": 987,
"durationActiveEscalated": 123,
"escalationStatus": "Pending",
"active": false
}
CasesInPeriodStatistics
Description
Results of the casesInPeriodStatistics query
Fields
| Field Name | Description |
|---|---|
companiesResolvedInPeriod - Int
|
Number of companies that closed out at least one escalation in the period |
companiesWithCreatedEscalationInPeriod - Int
|
Number of companies that escalated at least one case in the period |
companiesWithEscalationAtStartOfPeriod - Int
|
Number of companies with at least one escalation before the start of the period that is either not resolved or that resolved after the start |
casesResolvedInPeriod - Int
|
Number of escalated cases that closed out in the period |
casesWithCreatedEscalationInPeriod - Int
|
Number of cases that were first escalated in the period |
casesWithEscalationAtStartOfPeriod - Int
|
Number of cases escalated before the start of the period that are either not resolved or that resolved after the start |
emergingVulnerabilityCases - Int
|
Number of emerging vulnerability cases created in the period, in which a notification was sent regarding the associated company, either through its own case or via a bulk notification to the client. This does not currently include the number of companies for which only identification and bulk notification of EVs was done, but no cases were created. See emergingVulnerabilitySummaryInfo. |
emergingVulnerabilityCompanies - Int
|
Number of companies with at least one vulnerability case created in the period, in which a notification was sent regarding the company, either through its own case or via a bulk notification to the client. This does not currently include the number of companies for which only identification of EVs and bulk notification was done, but no cases were created. See emergingVulnerabilitySummaryInfo. |
caseResolutionPercentages - [ResolutionPercentage!]
|
Percentages of cases resolved by thresholdDays. The buckets are cumulative. Data are for all time and thus the query ignores the dates supplied. |
controlResolutionPercentages - [ResolutionPercentage!]
|
Percentages of findings resolved by thresholdDays. The buckets are cumulative. Data are for a control group of companies NOT under management. Data are for all time and thus the query ignores the dates (and other filters) supplied. Accordingly, these data will be the same for all clients. |
companiesFullyResolvedInPeriod - Int
|
Number of companies in period that closed out all of their escalations that existed at the start of the period |
companiesGoneBadInPeriod - Int
|
Number of companies that started the period with ZERO escalations that subsequently had more than 0 escalations in the period, regardless of whether they had any escalations at the end of the period |
Example
{
"companiesResolvedInPeriod": 987,
"companiesWithCreatedEscalationInPeriod": 987,
"companiesWithEscalationAtStartOfPeriod": 123,
"casesResolvedInPeriod": 123,
"casesWithCreatedEscalationInPeriod": 123,
"casesWithEscalationAtStartOfPeriod": 123,
"emergingVulnerabilityCases": 987,
"emergingVulnerabilityCompanies": 987,
"caseResolutionPercentages": [ResolutionPercentage],
"controlResolutionPercentages": [ResolutionPercentage],
"companiesFullyResolvedInPeriod": 987,
"companiesGoneBadInPeriod": 987
}
CategoryScore
Description
Score details for category scores (those that have finding codes that are multiples of 10000), used in CategoryScores
Fields
| Field Name | Description |
|---|---|
scoreDate - String!
|
Score is calculated based on data collected through the end of this date. Accordingly this will usually be yesterday's date, in YYYY-MM-DD format |
findingCode - Int!
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
findingCount - Int
|
This is the count of all findings for the category. No findings indicate the category cannot be scored. |
score - Float
|
Score can be from 0 to 100, or null if not scored |
riskLevel - RiskLevel
|
A bucketing of the risk level |
scoreImpact - Float
|
The impact of a finding on the overall company risk score |
scorePercentile - Float
|
This has never actually been a peer percentile, but a percentile of all scores |
findingStatus - FindingStatus
|
Will be closed if no findings and category cannot be scored; see findingCount |
numberOfDetails - Int
|
|
numberDomainsAffected - Int
|
|
numberIpsAffected - Int
|
Example
{
"scoreDate": "2024-01-01",
"findingCode": 987,
"findingCount": 987,
"score": 123.45,
"riskLevel": "low",
"scoreImpact": 987.65,
"scorePercentile": 987.65,
"findingStatus": "open",
"numberOfDetails": 987,
"numberDomainsAffected": 987,
"numberIpsAffected": 987
}
CategoryScores
Description
The score for each risk category used in Company categoryScores
Fields
| Field Name | Description |
|---|---|
adversarialThreats - CategoryScore
|
Finding code: 40000 |
emailSecurity - CategoryScore
|
Finding code: 10000 |
itHygiene - CategoryScore
|
Finding code: 20000 |
maliciousActivity - CategoryScore
|
Finding code: 50000 |
vulnerability - CategoryScore
|
Finding code: 30000 |
Example
{
"adversarialThreats": CategoryScore,
"emailSecurity": CategoryScore,
"itHygiene": CategoryScore,
"maliciousActivity": CategoryScore,
"vulnerability": CategoryScore
}
CategorySummarizedCountFilter
Fields
| Input Field | Description |
|---|---|
portfolios - [String!]
|
The portfolios to filter on. |
Example
{"portfolios": ["xyz789"]}
CategorySummarizedCountInfo
Fields
| Field Name | Description |
|---|---|
totalCount - Int!
|
Total amount of items that match the user's request regardless of how many were returned. |
pageLength - Int!
|
The number of items returned to the user. |
items - [CategorySummarizedCounts]
|
The list of objects returned from the user's request. |
Example
{
"totalCount": 987,
"pageLength": 987,
"items": [CategorySummarizedCounts]
}
CategorySummarizedCountSort
Values
| Enum Value | Description |
|---|---|
|
|
Example
"portfolioName"
CategorySummarizedCountSortBy
Fields
| Input Field | Description |
|---|---|
field - CategorySummarizedCountSort!
|
Field by which to sort vendors. Default = portfolioName |
direction - SummarizedSortDirection
|
Direction in which to sort users (asc/desc). Default = asc |
Example
{"field": "portfolioName", "direction": "asc"}
CategorySummarizedCounts
Example
{
"totalCount": 123,
"portfolio": "xyz789",
"categories": ["xyz789"]
}
CdpClient
Fields
| Field Name | Description |
|---|---|
id - Int!
|
The unique (internal) ID for individual CDP client |
cdpId - String!
|
The unique (Salesforce) ID for individual CDP client |
name - String!
|
The name for this CDP client |
realmId - String!
|
The CDP realm |
clientUuid - UUID
|
The TPRM UUID of the client |
createdTS - Time!
|
Timestamp when created |
updatedTS - Time!
|
Timestamp when last updated |
createdBy - String!
|
Username that created this item (in the db) |
updatedBy - String!
|
Username that last updated this item (in the db) |
Example
{
"id": 123,
"cdpId": "xyz789",
"name": "xyz789",
"realmId": "xyz789",
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"createdTS": "-",
"updatedTS": "-",
"createdBy": "xyz789",
"updatedBy": "xyz789"
}
CdpClientFilter
Description
Fields available by which to filter BVGS projects
Fields
| Input Field | Description |
|---|---|
ids - [Int!]
|
Return only clients that match the specified internal IDs. Default = null |
cdpIds - [String!]
|
Return only clients that match the specified CDP (Salesforce) IDs. Default = null |
namesWildcard - [String!]
|
Return only projects that case-insensitively match these strings, with sql-like wildcard matching. Default = null |
realmIds - [String!]
|
Return only clients that match the specified CDP realms. Default = null |
clientUuids - [UUID!]
|
Return only clients that match the specified TPRM client UUIDs. Default = null |
Example
{
"ids": [987],
"cdpIds": ["abc123"],
"namesWildcard": ["abc123"],
"realmIds": ["xyz789"],
"clientUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
]
}
CdpClientInfo
Description
This is the holder for CDP clients, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
|
totalCount - Int64!
|
Count of CDP clients matching filter regardless of whether they fit within limit |
pageLength - Int!
|
|
cdpClients - [CdpClient!]
|
List of CDP client |
Example
{
"offset": 987,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"cdpClients": [CdpClient]
}
CdpClientResponse
Description
Response to a mutation on CdpClient
Example
{
"code": 123,
"message": "xyz789",
"success": false,
"cdpClient": CdpClient
}
CdpClientSortBy
Description
Holder for the sort fields for the cdpClientInfo query
Fields
| Input Field | Description |
|---|---|
field - CdpClientSorts!
|
|
direction - SortDirection
|
Example
{"field": "name", "direction": "asc"}
CdpClientSorts
Description
Fields available to sort CDP clients by in the cdpClientInfo query; default: name
Values
| Enum Value | Description |
|---|---|
|
|
Name of the CDP client |
|
|
System ID of the CDP client |
|
|
CDP (Salesforce) ID of the CDP client |
|
|
Realm of the CDP client |
|
|
TPRM client UUID of the CDP client |
Example
"name"
CdpClientToAdd
Description
The input to the cdpClientCreate mutation
Example
{
"cdpId": "xyz789",
"name": "abc123",
"realmId": "xyz789",
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
CdpClientToUpdate
Description
The input to the cdpClientUpdate mutation
Fields
| Input Field | Description |
|---|---|
id - Int
|
System ID associated with CDP client to be changed. Provide either id or cdpIdToLookup, but not both. |
cdpIdToLookup - String
|
CDP (Salesforce) ID for CDP client to be changed. Provide either cdpIdToLookup or id, but not both. |
cdpId - String
|
The new CDP (Salesforce) ID for this CDP client |
name - String
|
The new name for this CDP client. May not be an empty string. |
realmId - String
|
The new CDP realm. If set to an empty string, the field will be set to null. |
clientUuid - UUID
|
The new TPRM UUID of the client. If set to an all-0 UUID, the field will be set to null. |
Example
{
"id": 987,
"cdpIdToLookup": "xyz789",
"cdpId": "abc123",
"name": "abc123",
"realmId": "xyz789",
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
ClientConfiguration
Description
Client configuration including the license information, and service setup with quotas and usage.
Fields
| Field Name | Description |
|---|---|
clientName - String!
|
The client's name |
clientUuid - UUID!
|
The client's UUID |
realmId - String
|
CDP realm |
bvid - UUID
|
The company ID (BV ID) that corresponds to this client company ("My Company" in the portal) |
enableMrs - Boolean!
|
True if MRS integration has been enabled |
useClientEntityIds - Boolean!
|
True if client-provided entity IDs are available in the portal |
clientEntityIdLabel - String!
|
The client's label for entity IDs in the portal, e.g. "SPAR ID" |
useEntityAttributes - Boolean!
|
True if client-provided entity attributes are available in the portal |
entityAttributeLabel - String!
|
The client's label for entity attributes in the portal, e.g. "Tag" |
enforceEntityQuota - Boolean!
|
Indicates whether the maximum number of allowed entities across all external_regular portfolios (entityQuota) is being enforced See enforceCompanyQuota in serviceSetups. external_regular portfolios are now represented by one or more services/licenses. |
entityQuota - Int!
|
The maximum number of allowed entities across all external_regular portfolios (not including the "My Company" entity, if present) See companyQuota in serviceSetups. external_regular portfolios are now represented by one or more services/licenses. |
entityCount - Int!
|
The current number of entities in all external_regular portfolios subject to the quota (entityQuota), not including the "My Company" entity, if present See companyCount in serviceSetups. external_regular portfolios are now represented by one or more services/licenses. |
enforceEntityChurn - Boolean!
|
Indicates whether the maximum churn rate for entities ((1 + entityChurnPercent/100) * entityQuota) across all external_regular portfolios is being enforced See enforceCompanyChurn in serviceSetups. external_regular portfolios are now represented by one or more services/licenses. |
entityChurnPercent - Float!
|
The churn rate for entities across all external_regular portfolios as a percentage, e.g. if entityChurnPercent is 5, entityChurnCount cannot exceed (1 + entityChurnPercent/100) * entityQuota during the last entityChurnDays if enforceEntityChurn is true, so if entityQuota is 100 and entityChurnDays is 90, up to 105 different entities (companies) can be swapped in and out of external_regular portfolios during any 90-day period. See companyChurnPercent in serviceSetups. external_regular portfolios are now represented by one or more services/licenses. |
entityChurnDays - Int!
|
The period in days over which the churn rate for entities across all external_regular portfolios (entityChurnPercent) applies See companyChurnDays in serviceSetups. external_regular portfolios are now represented by one or more services/licenses. |
entityChurnCount - Int!
|
The current number of distinct entities that were in all external_regular portfolios at any time during the latest churn period (not including the "My Company" entity or any entities that remained in portfolios for less than 24 hours) See companyChurnCount in serviceSetups. external_regular portfolios are now represented by one or more services/licenses. |
enforceMaxEntityAdditions - Boolean!
|
Indicates whether the maximum number of additions of entities (maxEntityAdditions) during the additions period (entityAdditionsDays) across all external_regular portfolios is being enforced See enforceMaxCompanyAdditions in serviceSetups. external_regular portfolios are now represented by one or more services/licenses. |
maxEntityAdditions - Int!
|
The maximum number of distinct entities that can be added to all external_regular portfolios during the additions period (entityAdditionsDays) See maxCompanyAdditions in serviceSetups. external_regular portfolios are now represented by one or more services/licenses. |
entityAdditionsDays - Int!
|
The period in days over which the maximum number of distinct entities added for all external_regular portfolios (maxEntityAdditions) applies See companyAdditionsDays in serviceSetups. external_regular portfolios are now represented by one or more services/licenses. |
entityAdditionsCount - Int!
|
The current number of distinct entities added to all external_regular portfolios at any time during the latest additions period (not including the "My Company" entity or any entities that remained in portfolios for less than 24 hours) See companyAdditionsCount in serviceSetups. external_regular portfolios are now represented by one or more services/licenses. |
enforceHvmEntityQuota - Boolean!
|
Discontinued product |
hvmEntityQuota - Int!
|
Discontinued product |
hvmEntityCount - Int!
|
Discontinued product |
enforceHvmEntityChurn - Boolean!
|
Discontinued product |
hvmEntityChurnPercent - Float!
|
Discontinued product |
hvmEntityChurnDays - Int!
|
Discontinued product |
hvmEntityChurnCount - Int!
|
Discontinued product |
enforceMaxHvmEntityAdditions - Boolean!
|
Discontinued product |
maxHvmEntityAdditions - Int!
|
Discontinued product |
hvmEntityAdditionsDays - Int!
|
Discontinued product |
hvmEntityAdditionsCount - Int!
|
Discontinued product |
licenseQuantity - [LicenseQuantity]!
|
Information on the number of licenses of each type a client has. It is filtered by whether the licenses are active/inactive. This section comes from purchased licenses in SalesForce. |
serviceSetups - [ServiceSetup]!
|
Information on the services, associated quotas, and current usage a client has. Companies that remained in a service for less than 24 hours are not counted against quotas, churn rate or maximum additions limits. This section overrides licenseQuantity. |
Example
{
"clientName": "xyz789",
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"realmId": "xyz789",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"enableMrs": false,
"useClientEntityIds": true,
"clientEntityIdLabel": "abc123",
"useEntityAttributes": true,
"entityAttributeLabel": "xyz789",
"enforceEntityQuota": true,
"entityQuota": 987,
"entityCount": 123,
"enforceEntityChurn": false,
"entityChurnPercent": 987.65,
"entityChurnDays": 123,
"entityChurnCount": 123,
"enforceMaxEntityAdditions": true,
"maxEntityAdditions": 123,
"entityAdditionsDays": 987,
"entityAdditionsCount": 123,
"enforceHvmEntityQuota": false,
"hvmEntityQuota": 987,
"hvmEntityCount": 987,
"enforceHvmEntityChurn": false,
"hvmEntityChurnPercent": 987.65,
"hvmEntityChurnDays": 123,
"hvmEntityChurnCount": 987,
"enforceMaxHvmEntityAdditions": true,
"maxHvmEntityAdditions": 987,
"hvmEntityAdditionsDays": 123,
"hvmEntityAdditionsCount": 987,
"licenseQuantity": [LicenseQuantity],
"serviceSetups": [ServiceSetup]
}
ClientContact
Description
Client contacts are contacts AT the client. They may get escalations for multiple companies/vendors.
Fields
| Field Name | Description |
|---|---|
id - Int!
|
|
contactName - String!
|
Full name of contact |
email - String!
|
Contact's email address |
businessPhoneNumber - String!
|
Contact's phone number |
jobTitle - String!
|
Contact's job title |
createdTS - String!
|
Timestamp when created |
updatedTS - String!
|
Timestamp when last updated |
createdBy - String!
|
Username that created this item |
updatedBy - String!
|
Username that last updated this item |
companyRelationshipInfo - ClientContactCompanyRelationshipInfo
|
Companies for which the contact is responsible for receiving escalations |
Example
{
"id": 987,
"contactName": "xyz789",
"email": "abc123",
"businessPhoneNumber": "xyz789",
"jobTitle": "xyz789",
"createdTS": "abc123",
"updatedTS": "abc123",
"createdBy": "abc123",
"updatedBy": "abc123",
"companyRelationshipInfo": ClientContactCompanyRelationshipInfo
}
ClientContactBulkUpdate
Description
Result of the clientContactBulkCompanyUpdate mutation.
Fields
| Field Name | Description |
|---|---|
clientContact - ClientContact!
|
Client contact for which company relationships have been added or deleted |
statuses - [CompanyBulkUpdateStatus]
|
Holds status/message response for client contact bulk company relationship updates |
Example
{
"clientContact": ClientContact,
"statuses": [CompanyBulkUpdateStatus]
}
ClientContactCompanyRelationship
Description
Company for which the client contact is responsible for receiving escalations
Fields
| Field Name | Description |
|---|---|
id - Int!
|
ID of the relationship between client and company |
bvid - UUID!
|
BV ID of the company for which contact receives escalations |
primaryName - String!
|
Primary name of the company for which contact received escalations |
escalationPreference - AddressType!
|
Recipient field for contact's email address: 'to' or 'cc' (primary/notification) |
createdTS - String!
|
Timestamp when relationship between contact and company was created |
updatedTS - String!
|
Timestamp when relationship between contact and company was last updated |
createdBy - String!
|
Username that created the relationship between contact and company |
updatedBy - String!
|
Username that last updated the relationship between contact and company |
Example
{
"id": 987,
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "xyz789",
"escalationPreference": "to",
"createdTS": "abc123",
"updatedTS": "abc123",
"createdBy": "abc123",
"updatedBy": "abc123"
}
ClientContactCompanyRelationshipInfo
Description
This is the holder for client contact company relationships, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int!
|
Count of company relationships matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of company relationships returned |
companyRelationships - [ClientContactCompanyRelationship!]
|
Companies for which the contact is responsible for receiving escalations |
Example
{
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"companyRelationships": [
ClientContactCompanyRelationship
]
}
ClientContactCompanyRelationshipToAdd
Description
Input for a company for which the client contact is responsible for receiving escalations
Fields
| Input Field | Description |
|---|---|
bvid - UUID!
|
BV ID of the company for which contact receives escalations |
escalationPreference - AddressType!
|
Recipient field for contact's email address: 'to' or 'cc' (primary/notification) |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"escalationPreference": "to"
}
ClientContactCompanyRelationshipToDelete
Description
Input for a company for which the client contact is no longer responsible for receiving escalations. Supply either the id or the bvid field but not both.
Example
{
"id": 123,
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
ClientContactCompanyRelationshipToUpdate
Description
Input for a company for which the client contact is responsible for receiving escalations. Supply either the id or the bvid but not both.
Fields
| Input Field | Description |
|---|---|
id - Int
|
ID of the relationship between client and company |
bvid - UUID
|
BV ID of the company for which contact receives escalations |
escalationPreference - AddressType!
|
Recipient field for contact's email address: 'to' or 'cc' (primary/notification) |
Example
{
"id": 123,
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"escalationPreference": "to"
}
ClientContactInfo
Description
This is the holder for client contacts, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int!
|
Count of client contacts matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of client contacts returned |
clientContacts - [ClientContact!]
|
Client contacts - contacts AT a client |
Example
{
"offset": 987,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"clientContacts": [ClientContact]
}
ClientContactLookup
Description
Used to look up client contact either by ID or by email, or to create it on the fly (if createNewClientContact in clientContactBulkCompanyUpdate is true)
Fields
| Input Field | Description |
|---|---|
id - Int
|
ID of contact to be looked up. Either id or email is required but both are an error |
email - String
|
Email address of contact to be looked up. Either id or email is required but both are an error |
name - String
|
Full name of contact (required if adding a contact) |
jobTitle - String
|
Contact's job title (if adding a contact) |
businessPhoneNumber - String
|
Contact's phone number (if adding a contact) |
Example
{
"id": 987,
"email": "xyz789",
"name": "abc123",
"jobTitle": "abc123",
"businessPhoneNumber": "xyz789"
}
ClientContactToAdd
Description
Input to create a new client contact - a contact AT the client
Fields
| Input Field | Description |
|---|---|
contactName - String!
|
Full name of contact |
email - String!
|
Contact email - unique at the client |
businessPhoneNumber - String
|
Contact's phone number |
jobTitle - String
|
Contact's job title |
companyRelationships - [ClientContactCompanyRelationshipToAdd!]!
|
Companies for which contact is responsible for receiving escalations |
Example
{
"contactName": "xyz789",
"email": "abc123",
"businessPhoneNumber": "xyz789",
"jobTitle": "xyz789",
"companyRelationships": [
ClientContactCompanyRelationshipToAdd
]
}
ClientContactToCompany
Description
Client contacts are contacts AT the client. They may get escalations for multiple companies/vendors. This is the flattened view of client contact-to-company from the companyInfo query.
Fields
| Field Name | Description |
|---|---|
id - Int!
|
ID of the contact |
contactName - String!
|
Full name of contact |
email - String!
|
Contact email - unique at the client |
businessPhoneNumber - String!
|
Contact's phone number |
jobTitle - String!
|
Contact's job title |
createdTS - String!
|
Timestamp when contact was created |
updatedTS - String!
|
Timestamp when contact was last updated |
createdBy - String!
|
Username that created this contact |
updatedBy - String!
|
Username that last updated this contact |
companyRelationship - ClientContactCompanyRelationship!
|
Company for which the contact is responsible for receiving escalations |
Example
{
"id": 123,
"contactName": "xyz789",
"email": "abc123",
"businessPhoneNumber": "xyz789",
"jobTitle": "abc123",
"createdTS": "abc123",
"updatedTS": "xyz789",
"createdBy": "abc123",
"updatedBy": "abc123",
"companyRelationship": ClientContactCompanyRelationship
}
ClientContactToUpdate
Description
Input to update a client contact - a contact AT the client
Fields
| Input Field | Description |
|---|---|
id - Int!
|
ID of the contact |
companyRelationshipsToAdd - [ClientContactCompanyRelationshipToAdd!]
|
Use to add companies for which contact is responsible for receiving escalations |
companyRelationshipsToUpdate - [ClientContactCompanyRelationshipToUpdate!]
|
Use to update the escalation preference for companies for which contact is responsible for receiving escalations |
companyRelationshipsToDelete - [ClientContactCompanyRelationshipToDelete!]
|
Use to delete companies for which contact is no longer responsible for receiving escalations |
deleteAllCompanyRelationshipsFlag - Boolean
|
If true, delete all the contact's company relationships. Cannot be used with the companyRelationships* fields. |
ignoreHarmlessErrors - Boolean
|
If true, ignore errors when trying to add company relationships that already exist, or trying to delete company relationships that don't exist. Existing relationships will have their escalation preferences updated. |
Example
{
"id": 987,
"companyRelationshipsToAdd": [
ClientContactCompanyRelationshipToAdd
],
"companyRelationshipsToUpdate": [
ClientContactCompanyRelationshipToUpdate
],
"companyRelationshipsToDelete": [
ClientContactCompanyRelationshipToDelete
],
"deleteAllCompanyRelationshipsFlag": true,
"ignoreHarmlessErrors": true
}
ClientEntityData
Description
Full data related to client-provided ID, and optional name and domain, associated with a company.
Part of the CompanyBROnly and Company types and returned by the clientEntityDataUpdate mutation.
Fields
| Field Name | Description |
|---|---|
id - Int64!
|
System ID associated with clientEntityId |
clientEntityId - String!
|
Case-insensitive client-provided identifier for a company that is unique across all the client's companies |
clientEntityName - String!
|
Optional client-provided company name associated with clientEntityId |
clientEntityDomain - String!
|
Optional client-provided company domain associated with clientEntityId |
createdBy - String!
|
Username that created this item |
createdTS - Time!
|
Timestamp when created |
updatedBy - String!
|
Username that last updated this item |
updatedTS - Time!
|
Timestamp when last updated |
Example
{
"id": 123,
"clientEntityId": "xyz789",
"clientEntityName": "xyz789",
"clientEntityDomain": "abc123",
"createdBy": "abc123",
"createdTS": "-",
"updatedBy": "xyz789",
"updatedTS": "-"
}
ClientEntityDataInput
Description
Client-provided ID, and optional name and domain, associated with a company.
Used by the portfolioCompanyAdd mutation.
Fields
| Input Field | Description |
|---|---|
clientEntityId - String!
|
Case-insensitive client-provided identifier for a company that is unique across all the client's companies |
clientEntityName - String
|
Optional client-provided company name associated with clientEntityId |
clientEntityDomain - String
|
Optional client-provided company domain associated with clientEntityId |
Example
{
"clientEntityId": "abc123",
"clientEntityName": "abc123",
"clientEntityDomain": "abc123"
}
ClientEntityDataRequest
Description
Requested client-provided ID, and optional name and domain, associated with a company
Part of the CompanyRequest type, which is returned by the companyRequestCreate and companyRequestCancel mutations and is part of the CompanyRequestInfo type returned from the companyRequestInfo query.
Fields
| Field Name | Description |
|---|---|
clientEntityId - String!
|
Case-insensitive client-provided identifier for a company that is unique across all the client's companies |
clientEntityName - String!
|
Optional client-provided company name associated with clientEntityId |
clientEntityDomain - String!
|
Optional client-provided company domain associated with clientEntityId |
Example
{
"clientEntityId": "xyz789",
"clientEntityName": "xyz789",
"clientEntityDomain": "abc123"
}
ClientEntityDataToAdd
Description
Client-provided ID, and optional name and domain, associated with a company.
Part of the ClientEntityDataUpdate type, which is the input to the clientEntityDataUpdate mutation.
Fields
| Input Field | Description |
|---|---|
clientEntityId - String!
|
Case-insensitive client-provided identifier for a company that is unique across all the client's companies |
clientEntityName - String
|
Optional client-provided company name associated with clientEntityId |
clientEntityDomain - String
|
Optional client-provided company domain associated with clientEntityId |
Example
{
"clientEntityId": "abc123",
"clientEntityName": "xyz789",
"clientEntityDomain": "abc123"
}
ClientEntityDataToDelete
Description
Client-provided ID, and optional name and domain, associated with a company, used as input. Either id or clientEntityIdToLookup must be provided to identify the item to delete.
Part of the ClientEntityDataUpdate type, which is the input to the clientEntityDataUpdate mutation.
Fields
| Input Field | Description |
|---|---|
id - Int64
|
System ID associated with clientEntityId that is to be deleted. Provide either id or clientEntityIdToLookup, but not both. |
clientEntityIdToLookup - String
|
The client-provided identifier for a company that is to be deleted. Provide either id or clientEntityIdToLookup, but not both. |
Example
{
"id": 123,
"clientEntityIdToLookup": "abc123"
}
ClientEntityDataToUpdate
Description
Client-provided ID, and optional name and domain, associated with a company, used as input. Either id or clientEntityIdToLookup must be provided to identify the item to update.
Part of the ClientEntityDataUpdate type, which is the input to the clientEntityDataUpdate mutation.
Fields
| Input Field | Description |
|---|---|
id - Int64
|
System ID associated with clientEntityId that is to be changed. Provide either id or clientEntityIdToLookup, but not both. |
clientEntityIdToLookup - String
|
The client-provided identifier for a company that is to be changed. Provide either id or clientEntityIdToLookup, but not both. |
clientEntityId - String
|
New case-insensitive client-provided identifier for a company that is unique across all the client's companies |
clientEntityName - String
|
Optional new client-provided company name associated with clientEntityId |
clientEntityDomain - String
|
Optional new client-provided company domain associated with clientEntityId |
Example
{
"id": 123,
"clientEntityIdToLookup": "abc123",
"clientEntityId": "xyz789",
"clientEntityName": "xyz789",
"clientEntityDomain": "xyz789"
}
ClientEntityDataUpdate
Description
Update some or all client entity IDs for a single company. The order of operations is delete, update, add. At least one of clientEntityDataToAdd, clientEntityDataToUpdate, and clientEntityDataToDelete is required.
This is the input to the clientEntityDataUpdate mutation.
Fields
| Input Field | Description |
|---|---|
bvid - UUID!
|
The unique BlueVoyant identifier (BV ID) of the company. |
clientEntityDataToAdd - [ClientEntityDataToAdd!]
|
Client entity data items to add |
clientEntityDataToUpdate - [ClientEntityDataToUpdate!]
|
Client entity data items to update |
clientEntityDataToDelete - [ClientEntityDataToDelete!]
|
Client entity data items to delete |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"clientEntityDataToAdd": [ClientEntityDataToAdd],
"clientEntityDataToUpdate": [ClientEntityDataToUpdate],
"clientEntityDataToDelete": [ClientEntityDataToDelete]
}
ClientMini
Description
Partial client info for client associated with TPRM portal/API user
Example
{
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"clientName": "xyz789",
"defaultFlag": true,
"realmId": "xyz789",
"bvgsCustomerId": 123
}
CloudProviderInfo
Description
Information about cloud provider for an IP
Example
{
"country": "abc123",
"notes": "xyz789",
"city": "abc123",
"zone": "xyz789",
"cloudProvider": "abc123",
"bvSource": "xyz789",
"cidr": "xyz789",
"cloudServiceName": "abc123",
"state": "xyz789",
"region": "xyz789"
}
CloudStorageInsight
Fields
| Field Name | Description |
|---|---|
provider - String!
|
|
domain - String!
|
|
qname - String!
|
|
cname - String!
|
|
bucketName - String!
|
|
isIndexable - Boolean!
|
|
fileCount - String
|
|
lastUpdated - String!
|
|
lastObservedTS - Time
|
|
Provider - String!
|
Use 'provider' |
Domain - String!
|
Use 'domain' |
Qname - String!
|
Use 'qname' |
Cname - String!
|
Use 'cname' |
BucketName - String!
|
Use 'bucketName' |
IsIndexable - Boolean!
|
Use 'isIndexable' |
FileCount - String
|
Use 'fileCount' |
Example
{
"provider": "xyz789",
"domain": "xyz789",
"qname": "xyz789",
"cname": "xyz789",
"bucketName": "xyz789",
"isIndexable": true,
"fileCount": "xyz789",
"lastUpdated": "abc123",
"lastObservedTS": "-",
"Provider": "abc123",
"Domain": "xyz789",
"Qname": "xyz789",
"Cname": "abc123",
"BucketName": "xyz789",
"IsIndexable": false,
"FileCount": "xyz789"
}
CloudStorageInsightByCompanyInfo
Fields
| Field Name | Description |
|---|---|
totalCount - Int64!
|
Total number of cloud storage insights. |
pageLength - Int!
|
Amount of cloud storage insights return in this query. |
cloudStorageInsights - [CloudStorageInsight]
|
List of cloud insights by company. |
Example
{
"totalCount": 123,
"pageLength": 987,
"cloudStorageInsights": [CloudStorageInsight]
}
CloudStorageInsightInfo
Description
A collection of cloud storage insight info organized by finding code. Includes finding code's description, summary, and assessment date.
Fields
| Field Name | Description |
|---|---|
summary - String
|
A brief summary of the finding code |
description - String
|
A description of what the finding code is. |
assessmentDateEnd - String
|
The most recent assessment date |
findingCode - Int64
|
The finding code of these vendor discoveries. |
cloudStorageInsights - [CloudStorageInsight]
|
List of cloud insights of a specific finding code |
Example
{
"summary": "abc123",
"description": "abc123",
"assessmentDateEnd": "xyz789",
"findingCode": 123,
"cloudStorageInsights": [CloudStorageInsight]
}
Company
Description
Information about a company being monitored in the client's portfolios. In TPRM terminology this is a third-party / vendor / supplier the client has chosen to monitor for cybersecurity risk. Each company exposes its risk score, findings, vulnerabilities, footprint (IP and domain assets), portfolios it belongs to, contacts, and remediation case data.
Identified by bvid (the canonical id) - sometimes referred to in user questions as "company id".
Synonyms: vendor, supplier, third party, third-party, monitored company, tprm entity, entity, company.
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The BV ID, the unique identifier for the company |
primaryName - String
|
Primary name of the company |
primaryDomain - String
|
Primary domain associated with the company |
companyStatus - String
|
Values are Remediation in Progress, Escalation in Progress, Under Review, Active |
portfolioNames - [String!]
|
Use 'portfolios -> portfolioName' |
portfolioUuids - [UUID!]
|
Use 'portfolios -> portfolioUuid' |
portfolios - [Portfolio!]
|
|
companyScore - Score
|
Use 'riskScore' |
riskScore - Score
|
The overall risk score for the company and associated information |
historicScores - [HistoricScore!]
|
Array of historic scores per company. endDate defaults to most recent assessment end date; startDate defaults to 30 days before endDate. Dates are in 'YYYY-MM-DD' format. |
categoryScores - CategoryScores
|
Scores for this company in each risk category |
peerScores - [PeerScore!]
|
Sets of scores associated with risk categories and the overall score for a company's industry peers. A peer is defined as an organization in the same industry, and one that has a similar digital footprint size range. |
peerHistoryScores - [PeerScore!]
|
A history of Sets of scores associated with risk categories and the overall score for a company's industry peers. A peer is defined as an organization in the same industry, and one that has a similar digital footprint size range. |
attributes - [String!]
|
Client-provided attributes or tags that can be associated with one or more companies, used for filtering or grouping companies |
clientEntityIds - [String!]
|
clientEntityIds are case-insensitive identifiers allocated by the client for a company (entity). Typically you would use them to store your internal company identifiers (or a surrogate therefore) in our system. A clientEntityId can only be assigned to one company in all of the client's portfolios. |
clientEntityData - [ClientEntityData!]
|
clientEntityIds and their associated info, which could include an optional name or domain. A clientEntityId is an identifier allocated by the client for a company (entity). A clientEntityId can only be assigned to one company in all of the client's portfolios. |
serviceAttributes - [ServiceAttribute!]
|
Service attributes/licenses the company has |
findingInfo - FindingInfo
|
Pagination is not per company (that's annoying) but over the whole set of findings. i.e. without limitation of the companies to those with findings or pagination of the companies, you will likely have lots of companies without findings. See the companyInfo query for filtering |
numFindings - Int
|
|
findingsWaitingForResponse - Int
|
|
numberOfEscalatedFindings - Int
|
|
numberofActionableOpenEscalatedFindings - Int
|
|
numberOfActionableOpenFindings - Int
|
|
findingsInDispute - Int
|
|
findingsOverdue - Int
|
|
industryDescription - String
|
The company's industry description |
scorePercentile - Float
|
This has never actually been a peer percentile, but a percentile of all scores |
exceedsRiskTolerance - Boolean
|
|
exceedsRiskToleranceFirstDate - String
|
|
escalationPath - EscalationPath
|
|
firstAddedTS - String
|
Time when first added to an external portfolio of this client |
history - [History!]
|
Now deprecated - use companyHistoryInfo. One subtlety to note is that if you use both companyHistoryInfo and this history property you will get the same data from both even if the parameters are different. Use 'companyHistoryInfo' |
Arguments
|
|
companyHistoryInfo - CompanyHistoryInfo
|
Event history (changes to escalation status and whether risk tolerance is exceeded) for this company. Default look-back period is 30 days. The limits and offset are applied per company. |
detectedSecurityDevices - [SecurityDevice!]
|
Security devices detected for company |
detectedSecurityDevicesByFindingCode - [SecurityDeviceInfo!]
|
Security devices by finding code |
emailDkim - EmailDkimDmarcSpfInfo
|
Retrieve DKIM authentication email information. |
emailDmarc - EmailDkimDmarcSpfInfo
|
Retrieve DMARC authentication email information. |
emailSpf - EmailDkimDmarcSpfInfo
|
Retrieve SPF authentication email information. |
fourthPartyExposure - [ExposureData!]
|
Fourth-party exposure insights |
fourthPartyExposureByFindingCode - [FourthPartyExposureInsights!]
|
Fourth party exposure organized by finding code |
fourthPartyBreachCount - Int
|
Fourth party breach event count in the last year |
cloudStorage - CloudStorageInsightByCompanyInfo
|
Cloud storage (e.g. S3, GCS) that is publicly visible. The limit and offset are per company. |
cloudStorageByFindingCode - [CloudStorageInsightInfo!]
|
Cloud storage organized by finding code. |
cloudStorageBucketCount - Int
|
Cloud storage distinct bucket name count |
productsByDomainDetection - [ProductByDomainDetection!]
|
Products detected on domains |
productsByDomainDetectionByFindingCode - [ProductByDomainDetectionInfo!]
|
Products detected on domains organized by finding codes |
emailSaasDomainsWithoutSecurityCount - Int
|
Number of distinct domains detected without third-party email security products |
productsByIPDetection - [ProductByIPDetection!]
|
Products detected on IPs |
productsByIPDetectionByFindingCode - [ProductByIPDetectionInsights]
|
Products detected on IPs organized by finding code |
exposedLoginPortalCount - Int
|
Number of distinct IPs detected with exposed login portals |
topTenAssets - [Asset]
|
Top assets by numbers of findings and observations |
topTenAssetsByFindingCode - [TopTenInfo]
|
Top assets by numbers of findings and observations |
vendorDiscovery - [VendorDiscovery!]
|
Vendors known to be used by company (also called "Vendor Dependency") |
vendorDiscoveryByFindingCode - [VendorDiscoveryInsights!]
|
Vendor discovery organized by finding code with the finding code's summary and description |
cpeCVE - [CPECVE!]
|
CPEs and CVEs pertaining to this company. findingHash can be used to cross-reference with the findings (also available on findings) |
cisaKev - [CISAKEVCVE!]
|
CVEs that include a KEV list flag and the confidence rating |
footprintSummary - FootprintSummary
|
Summary information for this company's most recent footprint, including total counts of IP addresses, CIDR ranges, and domains, plus the geographic distribution of those assets across countries. Use this for questions about a company's overall asset/infrastructure size, or a quick country-level breakdown. For asset-level detail with filtering use ipInfo and domainInfo. Synonyms: asset summary, infrastructure overview, asset counts, geographic distribution. Changes to footprints after the date of the end of the scoring assessment period (assessmentDateEnd) will not be reflected in findings, scores, or details until the next nightly scoring run, so it's expected that assets recently removed from a footprint could still appear in findings. |
domains - [DomainInfo!]
|
Registration info for domains in this company's most recent footprint. Changes to footprints after the date of the end of the scoring assessment period (assessmentDateEnd) will not be reflected in findings, scores, or details until the next nightly scoring run, so it's expected that assets recently removed from a footprint could still appear in findings. Use domainInfo. |
domainInfo - DomainListInfo
|
Domain-based assets in this company's public-facing internet footprint, with full registration metadata (registrant, registrar, country, address, name servers). Use this for questions about a company's domains, web assets, or internet presence. Each domain also exposes hostname-resolution country counts via hostCounts for geography-of-domain analysis. Changes to footprints after the date of the end of the scoring assessment period (assessmentDateEnd) will not be reflected in findings, scores, or details until the next nightly scoring run, so it's expected that assets recently removed from a footprint could still appear in findings. Synonyms: domains, web assets, hostnames, internet assets, footprint domains, surface area, attack surface. |
Arguments
|
|
totalHostnameCountryCount - Int
|
Total number of countries with hostname resolutions (whose IPs resolve to a particular country) for this footprint (part of network characterization) |
totalHostnameCount - Int64
|
Total number of hostname resolutions (whose IPs resolve to a particular country) for this footprint (part of network characterization) |
countryDomainCounts - [CountryDomainCount!]
|
Countries associated with the footprint's domain resolutions from its hostnames to IP addresses in a country, and the number of domains and hostnames per country. This is part of network characterization, and will not be available initially on a new footprint. |
domainCountryInfo - DomainCountryInfo
|
This list of domains is unique on the combination of domain and country of resolution, (so a particular domain can appear more than once, as opposed to the list in domainInfo). Domain records also include registration info. Not all domains resolve to a country, but they will appear here regardless. |
Arguments
|
|
ips - [IPInfo!]
|
Registration info for IP addresses or ranges in this company's most recent footprint. Changes to footprints after the date of the end of the scoring assessment period (assessmentDateEnd) will not be reflected in findings, scores, or details until the next nightly scoring run, so it's expected that assets recently removed from a footprint could still appear in findings. Use ipInfo. |
ipInfo - IPListInfo
|
IP-based assets (IP addresses and CIDR ranges) belonging to this company's public-facing internet footprint. Each asset includes its current geographic location (country code) and registration metadata. Use this to answer questions about a company's assets, infrastructure, network presence, or where its IPs are located - including filters like "assets in Ukraine" via ipInfo(filter: { countryCodes: ["UA"] }). Changes to footprints after the date of the end of the scoring assessment period (assessmentDateEnd) will not be reflected in findings, scores, or details until the next nightly scoring run, so it's expected that assets recently removed from a footprint could still appear in findings. Synonyms: assets, infrastructure, network, IPs, internet assets, surface area, attack surface. |
Arguments
|
|
activeIpCount - Int64
|
From network characterization, the number of unique IP addresses from the company's footprint with any port open |
observedResolutionCount - Int64
|
From network characterization, the number of observed resolutions associated with the company's footprint. NOT AVAILABLE |
hostingProviderInfo - HostingProviderInfo
|
From network characterization, the providers that the company relies on to make its domains and subdomains available to the internet. |
Arguments
|
|
waitingForStates - [WaitingFor!]
|
The waiting-for state for a company possible values include: BlueVoyant,Client,Third Party,Unset |
gdd - GDD
|
GDD Data are no longer available. This will only return an error. GDD Data are no longer available as of 2024-02-01. |
emergingVulnerabilityInfo - EmergingVulnerabilityInfo
|
Information about emerging vulnerabilities detected for this company. Generally these are recently revealed vulnerabilities that our analysts have manually located in our data and are not yet available as findings. |
vendorContacts - [VendorContact!]
|
Vendor contacts (contacts at the vendor company) responsible for escalations for this company |
clientContacts - [ClientContactToCompany!]
|
Client contacts (contacts at the client) responsible for escalations for this company. The contact may have responsibility for other companies. |
meanTimeToAck - Float
|
Mean time for a company to ack a case, for this client, across all time, in days |
meanTimeToResolve - Float
|
Mean time for a company to resolve a case, for this client, across all time, in days |
currentEscalatedCases - Int
|
Number of currently escalated cases for this company |
firstEscalated - String
|
First date this company ever had an escalated case |
zeroToleranceOrCriticalFindingCount - Int!
|
Count of findings for this company that have critical severity or are zero-tolerance |
firmographicFields - FirmographicData
|
Firmographic information |
companyLogo - CompanyLogo
|
The company's primary domain's logo encoded in base64. |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "abc123",
"primaryDomain": "xyz789",
"companyStatus": "xyz789",
"portfolioNames": ["abc123"],
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"portfolios": [Portfolio],
"companyScore": Score,
"riskScore": Score,
"historicScores": [HistoricScore],
"categoryScores": CategoryScores,
"peerScores": [PeerScore],
"peerHistoryScores": [PeerScore],
"attributes": ["abc123"],
"clientEntityIds": ["abc123"],
"clientEntityData": [ClientEntityData],
"serviceAttributes": [ServiceAttribute],
"findingInfo": FindingInfo,
"numFindings": 987,
"findingsWaitingForResponse": 987,
"numberOfEscalatedFindings": 987,
"numberofActionableOpenEscalatedFindings": 987,
"numberOfActionableOpenFindings": 987,
"findingsInDispute": 123,
"findingsOverdue": 123,
"industryDescription": "xyz789",
"scorePercentile": 123.45,
"exceedsRiskTolerance": true,
"exceedsRiskToleranceFirstDate": "abc123",
"escalationPath": "directTo3rdParty",
"firstAddedTS": "abc123",
"history": [History],
"companyHistoryInfo": CompanyHistoryInfo,
"detectedSecurityDevices": [SecurityDevice],
"detectedSecurityDevicesByFindingCode": [
SecurityDeviceInfo
],
"emailDkim": EmailDkimDmarcSpfInfo,
"emailDmarc": EmailDkimDmarcSpfInfo,
"emailSpf": EmailDkimDmarcSpfInfo,
"fourthPartyExposure": [ExposureData],
"fourthPartyExposureByFindingCode": [
FourthPartyExposureInsights
],
"fourthPartyBreachCount": 987,
"cloudStorage": CloudStorageInsightByCompanyInfo,
"cloudStorageByFindingCode": [CloudStorageInsightInfo],
"cloudStorageBucketCount": 123,
"productsByDomainDetection": [ProductByDomainDetection],
"productsByDomainDetectionByFindingCode": [
ProductByDomainDetectionInfo
],
"emailSaasDomainsWithoutSecurityCount": 987,
"productsByIPDetection": [ProductByIPDetection],
"productsByIPDetectionByFindingCode": [
ProductByIPDetectionInsights
],
"exposedLoginPortalCount": 123,
"topTenAssets": [Asset],
"topTenAssetsByFindingCode": [TopTenInfo],
"vendorDiscovery": [VendorDiscovery],
"vendorDiscoveryByFindingCode": [
VendorDiscoveryInsights
],
"cpeCVE": [CPECVE],
"cisaKev": [CISAKEVCVE],
"footprintSummary": FootprintSummary,
"domains": [DomainInfo],
"domainInfo": DomainListInfo,
"totalHostnameCountryCount": 123,
"totalHostnameCount": 123,
"countryDomainCounts": [CountryDomainCount],
"domainCountryInfo": DomainCountryInfo,
"ips": [IPInfo],
"ipInfo": IPListInfo,
"activeIpCount": 123,
"observedResolutionCount": 123,
"hostingProviderInfo": HostingProviderInfo,
"waitingForStates": ["BlueVoyant"],
"gdd": GDD,
"emergingVulnerabilityInfo": EmergingVulnerabilityInfo,
"vendorContacts": [VendorContact],
"clientContacts": [ClientContactToCompany],
"meanTimeToAck": 987.65,
"meanTimeToResolve": 123.45,
"currentEscalatedCases": 987,
"firstEscalated": "xyz789",
"zeroToleranceOrCriticalFindingCount": 987,
"firmographicFields": FirmographicData,
"companyLogo": CompanyLogo
}
CompanyBROnly
Description
This object contains all the company-related values that can be displayed for a Business Risk-only company (one that is not under cyber risk monitoring). See CompanyByService or CompanyFromSearchResult.
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The BV ID, the unique identifier for the company |
primaryName - String
|
Primary name of the company |
primaryDomain - String
|
Primary domain associated with the company |
attributes - [String!]
|
Client-provided attributes or tags that can be associated with one or more companies, used for filtering or grouping companies |
clientEntityIds - [String!]
|
clientEntityIds are case-insensitive identifiers allocated by the client for a company (entity). Typically you would use them to store your internal company identifiers (or a surrogate therefore) in our system. A clientEntityId can only be assigned to one company in all of the client's portfolios. |
clientEntityData - [ClientEntityData!]
|
clientEntityIds and their associated info, which could include an optional name or domain. A clientEntityId is an identifier allocated by the client for a company (entity). A clientEntityId can only be assigned to one company in all of the client's portfolios. |
industryDescription - String
|
The company's industry description Use 'firmographicFields -> industryDescription' |
firmographicFields - FirmographicData
|
Firmographic data for the company |
serviceAttributes - [ServiceAttribute!]
|
Service attributes/licenses the company has |
portfolios - [Portfolio!]
|
Portfolio(s) the company is in |
companyLogo - CompanyLogo
|
The company's primary domain's logo encoded in base64. |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "xyz789",
"primaryDomain": "xyz789",
"attributes": ["xyz789"],
"clientEntityIds": ["xyz789"],
"clientEntityData": [ClientEntityData],
"industryDescription": "abc123",
"firmographicFields": FirmographicData,
"serviceAttributes": [ServiceAttribute],
"portfolios": [Portfolio],
"companyLogo": CompanyLogo
}
CompanyBase
Description
Common company fields used by CompanyBROnly, and Company
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The BV ID, the unique identifier for the company |
primaryName - String
|
Primary name of the company |
primaryDomain - String
|
Primary domain associated with the company |
attributes - [String!]
|
Client-provided attributes or tags that can be associated with one or more companies, used for filtering or grouping companies |
clientEntityIds - [String!]
|
clientEntityIds are case-insensitive identifiers allocated by the client for a company (entity). Typically you would use them to store your internal company identifiers (or a surrogate therefore) in our system. A clientEntityId can only be assigned to one company in all of the client's portfolios. |
clientEntityData - [ClientEntityData!]
|
clientEntityIds and their associated info, which could include an optional name or domain. A clientEntityId is an identifier allocated by the client for a company (entity). A clientEntityId can only be assigned to one company in all of the client's portfolios. |
industryDescription - String
|
Deprecated - in favor of firmographicFields -> industryDescription Use 'firmographicFields -> industryDescription' |
firmographicFields - FirmographicData
|
Firmographic information for the company |
serviceAttributes - [ServiceAttribute!]
|
Service attributes/licenses the company has |
companyLogo - CompanyLogo
|
The company's primary domain's logo encoded in base64. |
Possible Types
| CompanyBase Types |
|---|
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "xyz789",
"primaryDomain": "abc123",
"attributes": ["abc123"],
"clientEntityIds": ["abc123"],
"clientEntityData": [ClientEntityData],
"industryDescription": "abc123",
"firmographicFields": FirmographicData,
"serviceAttributes": [ServiceAttribute],
"companyLogo": CompanyLogo
}
CompanyBulkUpdate
Description
Result of the companyBulkUpdate mutation.
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset echoes back the original offset parameter |
limit - Int
|
Limit returns the limit parameter, which may have been adjusted to the maximum allowed size |
totalCount - Int64!
|
Count of companies matching filter regardless of whether they fit within limit. Bulk update is attempted only for pageLength companies, not totalCount companies. |
pageLength - Int!
|
Number of companies matching the filter criteria (and restricted by the limit), for which the bulk update was attempted |
succeededCount - Int!
|
Number of companies for which updates succeeded |
failedCount - Int!
|
Number of companies for which updates failed |
statuses - [CompanyBulkUpdateStatus]
|
Holds status/message response for company bulk updates, with one item per status/message |
Example
{
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 987,
"succeededCount": 123,
"failedCount": 987,
"statuses": [CompanyBulkUpdateStatus]
}
CompanyBulkUpdateStatus
Description
Result of a bulk update using filtered companies. This will be null if no companies matched the filter. Part of the CompanyBulkUpdate and ClientContactBulkUpdate types.
Example
{
"bvids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"status": 987,
"message": "xyz789"
}
CompanyByService
Description
Result of a businessRisk query in BusinessRiskInsight. CompanyByService returns a different company type object depending on the service(s) associated with the company: Company - monitored in external_regular portfolios; CompanyBROnly - not under cyber risk monitoring but has a service like Business Risk Monitoring or Cyber Screening; or CompanyOnly - when there are no services at all. CompanyHVM is deprecated.
Types
| Union Types |
|---|
Example
Company
CompanyFilter
Fields
| Input Field | Description |
|---|---|
bvids - [UUID!]
|
The BV ID is the unique identifier for the company. Default = null |
bvidsToExclude - [UUID!]
|
Exclude companies matching these BV IDs even if matched by the other filters. Default = null |
portfolioType - PortfolioType
|
The only allowed portfolio type is 'external_regular', which is the default |
portfolioUuids - [UUID!]
|
|
portfolioNames - [String!]
|
Filter on exact portfolio name(s) containing companies. Default = null |
attributes - [String]
|
Search on attributes is case-sensitive and exact. Supply an empty string as a value to match companies with no attributes. Default = null |
clientEntityIds - [String]
|
A clientEntityId is an identifier allocated by the client for a company (entity). A clientEntityId is unique case-insensitively across all companies in the client's portfolios. This field is for exact, case-sensitive matches only. Do not use with the clientEntityIdsWildcard filter field. Default = null |
clientEntityIdsWildcard - [String!]
|
A clientEntityId is an identifier allocated by the client for a company (entity). A clientEntityId is unique case-insensitively across all companies in the client's portfolios. This field is for partial, case-insensitive matches. Do not use with the clientEntityIds filter field. Default = null |
primaryNames - [String!]
|
Filter by primary name of company with wildcard matching. Default = null |
primaryDomains - [String!]
|
Filter by primary domain of company with wildcard matching. Default = null |
industryCodes - [String]
|
Filter by the industry code of company (integer format). Default = null |
industryDescriptions - [String]
|
Filter by the industry description of the company with wildcard matching. Default = null |
companyStatuses - [CompanyStatus]
|
|
exceedsRiskTolerance - Boolean
|
|
riskScoreMax - Float
|
Filter by maximum overall risk score (riskScore.score) for companies, which can be from 0 to 100, or null if not scored. NOTE: setting this field (even to 100) restricts results to companies that have a score; companies with a null (unscored) score are filtered out. Leave it unset (null) to include unscored companies. Default = null |
riskScoreMin - Float
|
Filter by minimum overall risk score (riskScore.score) for companies, which can be from 0 to 100, or null if not scored. NOTE: setting this field, even to 0, restricts results to companies that have a score; companies with a null (unscored) score are filtered out (a null score is not treated as 0). Leave it unset (null) to include unscored companies. Default = null |
riskLevels - [RiskLevel!]
|
Filter by a bucketing of the risk level. Default = null |
escalationPath - [EscalationPath!]
|
|
legacyEscalationPathString - [String!]
|
If escalationPath is also specified the result will be the disjunction of all items in both arrays. Default = null |
escalationStatuses - [FindingEscalationStatus!]
|
|
waitingFor - [WaitingFor]
|
|
sortBy - [CompanySortBy]
|
Example
An example at this level does nothing, stuff them on the fields
CompanyFromSearchResult
Description
Result of a companySearch query. CompanyFromSearchResult returns a different company type object depending on the service(s) associated with the company: Company - monitored in external_regular portfolios; CompanyBROnly - not under cyber risk monitoring but has a service like Business Risk Monitoring or Cyber Screening; or CompanyOnly - when there are no services at all. CompanyHVM is deprecated.
Note that Company and CompanyBROnly can be accessed with ... on CompanyBase but CompanyOnly must be separately accessed with ... on CompanyOnly
Types
| Union Types |
|---|
Example
Company
CompanyHVM
Description
This object contains all the company-related values that can be displayed for an HVM entity (deprecated).
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The BV ID, the unique identifier for the company |
primaryName - String
|
Primary name of the company |
primaryDomain - String
|
Primary domain associated with the company |
attributes - [String!]
|
Client-provided attributes or tags that can be associated with one or more companies, used for filtering or grouping companies |
clientEntityIds - [String!]
|
clientEntityIds are case-insensitive identifiers allocated by the client for a company (entity). Typically you would use them to store your internal company identifiers (or a surrogate therefore) in our system. A clientEntityId can only be assigned to one company in all of the client's portfolios. |
clientEntityData - [ClientEntityData!]
|
clientEntityIds and their associated info, which could include an optional name or domain. A clientEntityId is an identifier allocated by the client for a company (entity). A clientEntityId can only be assigned to one company in all of the client's portfolios. |
industryDescription - String
|
Use 'firmographicFields -> industryDescription' |
firmographicFields - FirmographicData
|
|
portfolios - [Portfolio!]
|
|
zeroToleranceOrCriticalFindingCount - Int!
|
Count of findings for this company that have critical severity or are zero-tolerance |
riskScore - ScoreHVM
|
The overall risk score for the company and associated information |
serviceAttributes - [ServiceAttribute!]
|
Service attributes/licenses the company has |
companyLogo - CompanyLogo
|
The company's primary domain's logo encoded in base64. |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "xyz789",
"primaryDomain": "abc123",
"attributes": ["abc123"],
"clientEntityIds": ["xyz789"],
"clientEntityData": [ClientEntityData],
"industryDescription": "abc123",
"firmographicFields": FirmographicData,
"portfolios": [Portfolio],
"zeroToleranceOrCriticalFindingCount": 123,
"riskScore": ScoreHVM,
"serviceAttributes": [ServiceAttribute],
"companyLogo": CompanyLogo
}
CompanyHistory
Description
An event indicating a change to a company's escalation status or to whether it exceeds risk tolerance, part of the CompanyHistoryInfo type in the companyHistoryInfo part of the Company type, returned as part of the companyInfo query.
Fields
| Field Name | Description |
|---|---|
id - UUID
|
A unique ID for the event |
message - String
|
A short description of the change |
timestamp - String
|
When the event occurred |
description - String
|
A description of the change |
updateType - String
|
The type of event or change: "Exceeds Risk Tolerance" or "Status" |
updateValue - String
|
The new value after the change |
Example
{
"id": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"message": "xyz789",
"timestamp": "2022-07-06T20:23:47.942826Z",
"description": "xyz789",
"updateType": "Exceeds Risk Tolerance",
"updateValue": "true"
}
CompanyHistoryInfo
Description
This is the holder for escalation status and risk tolerance event history for a company, with pagination and counts, returned as part of the companyHistoryInfo part of the Company type that is returned from the companyInfo query.
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters. Applied per company |
limit - Int
|
Offset and limit echo back the parameters. Applied per company |
totalCount - Int64
|
Total count of events |
pageLength - Int!
|
Number of events returned |
statusChangeCount - Int64
|
Number of events indicating a change to escalation status within the date range, but not subject to the limit |
riskToleranceChangeCount - Int64
|
Number of events indicating a change to whether the company exceeds risk tolerance within the date range, but not subject to the limit |
companyHistory - [CompanyHistory!]
|
Events returned |
Example
{
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 987,
"statusChangeCount": 123,
"riskToleranceChangeCount": 123,
"companyHistory": [CompanyHistory]
}
CompanyInfo
Description
This is the holder for companies, from a companyInfo query, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int!
|
Count of companies matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of companies returned |
companies - [Company!]
|
Companies in the client's portfolios |
commonAttributes - [String!]
|
Common attributes in all returned (pageLength) companies |
Example
{
"offset": 123,
"limit": 123,
"totalCount": 987,
"pageLength": 123,
"companies": [Company],
"commonAttributes": ["abc123"]
}
CompanyLogo
Fields
| Field Name | Description |
|---|---|
domain - String!
|
This is the domain being looked up. It is normally the primary domain of the company. |
logoSmallBase64 - String
|
The company's logo encoded in base64. Example of how to include base64 string in UI: htmlStr= |
Example
{
"domain": "abc123",
"logoSmallBase64": "xyz789"
}
CompanyMatchedFieldOrdinal
Description
Part of the CompanySearchResultMatchedField type, indicating the ordinal value of the field that was matched in a companySearch query
Values
| Enum Value | Description |
|---|---|
|
|
Indicates the match was on the company's primary name or domain |
|
|
Indicates the match was on one of the company's alternate, or secondary, names or domains |
|
|
Indicates the match was not directly on the company object (e.g. it was on a domain in the company's footprint) |
Example
"primary"
CompanyMatchedFieldType
Description
Part of the CompanySearchResultMatchedField type, indicating the type of the field that was matched in a companySearch query
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"name"
CompanyOnly
Description
Company information available when when using companySearch to add a company to portfolios, from data associated with the company directly, for a company that is not in a client's portfolios. See CompanyFromSearchResult.
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The BV ID, the unique identifier for the company |
primaryName - String
|
Primary name of the company |
primaryDomain - String
|
Primary domain associated with the company |
firmographicFields - FirmographicData
|
The firmographic data for a company |
companyLogo - CompanyLogo
|
The company's primary domain's logo encoded in base64. |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "xyz789",
"primaryDomain": "xyz789",
"firmographicFields": FirmographicData,
"companyLogo": CompanyLogo
}
CompanyRequest
Description
A request to add a company to the system and to a client's portfolio.
Returned as part of the CompanyRequestResponse type from the companyRequestCreate and companyRequestCancel mutations, and part of the CompanyRequestInfo type returned from the companyRequestInfo query.
Fields
| Field Name | Description |
|---|---|
requestUuid - UUID!
|
Unique identifier for this request, in UUID format |
attributes - [String]
|
Client-provided attributes for the requested company |
bvid - UUID
|
The unique BlueVoyant identifier of the company after it has been located or created |
canceledReason - String
|
Reason for cancelation of request, if canceled |
primaryDomain - String!
|
The primary domain of the requested company |
clientEntityId - String!
|
Client's primary, unique, case-insensitive ID for the requested company |
clientEntityData - [ClientEntityDataRequest]
|
Additional client-provided IDs/names/domains for the requested company |
primaryName - String!
|
The primary name of the requested company |
notes - String!
|
Client-submitted notes |
open - Boolean!
|
True (open) if request still being worked; false (closed) if it is completed or canceled |
portfolioUuid - UUID!
|
UUID of portfolio that should hold the requested company |
status - CompanyRequestStatus!
|
Status of the request |
serviceAttributes - [ServiceAttribute!]
|
Requested service attributes (e.g. Cyber Screening) |
createdBy - String!
|
Username that created this item |
createdTS - Time!
|
Timestamp when created |
updatedBy - String!
|
Username that last updated this item |
updatedTS - Time!
|
Timestamp when last updated |
Example
{
"requestUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"attributes": ["xyz789"],
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"canceledReason": "xyz789",
"primaryDomain": "xyz789",
"clientEntityId": "xyz789",
"clientEntityData": [ClientEntityDataRequest],
"primaryName": "abc123",
"notes": "xyz789",
"open": false,
"portfolioUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"status": "Received",
"serviceAttributes": [ServiceAttribute],
"createdBy": "xyz789",
"createdTS": "-",
"updatedBy": "xyz789",
"updatedTS": "-"
}
CompanyRequestFilter
Description
Where a field is specified, only select requests with a value matching one of those in the set specified. Only return requests for which all per-field constraints are met.
null for no restriction.
Fields
| Input Field | Description |
|---|---|
requestUuids - [UUID!]
|
Filter by unique identifiers for company-creation requests, in UUID format |
open - Boolean
|
Filter on whether requests are open. Open states: Received, In progress, Actioned, Footprinted. Closed states: Completed, Canceled by customer, Canceled by analyst). |
statuses - [CompanyRequestStatus!]
|
The request status to filter on (Received: Initial state of the request; In progress: Analyst has begun work; Actioned: Company has been located or created; Footprinted: Company has been footprinted and appears in portfolio; Completed: Company has scores and analytics) |
createdTS - Time
|
Only get requests created since this time |
updatedTS - Time
|
Only get requests updated since this time |
Example
{
"requestUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"open": true,
"statuses": ["Received"],
"createdTS": "-",
"updatedTS": "-"
}
CompanyRequestInfo
Description
This is the holder for company requests from the companyRequestInfo query, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
|
totalCount - Int!
|
Count of company requests matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of company requests returned |
companyRequests - [CompanyRequest!]
|
Company requests |
Example
{
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 987,
"companyRequests": [CompanyRequest]
}
CompanyRequestResponse
Description
Response to a mutation on CompanyRequest
Fields
| Field Name | Description |
|---|---|
code - Int!
|
HTTP response code |
message - String!
|
Error or success message |
success - Boolean!
|
Whether the mutation was successful |
companyRequest - CompanyRequest
|
Company request that was created or canceled |
Example
{
"code": 987,
"message": "xyz789",
"success": false,
"companyRequest": CompanyRequest
}
CompanyRequestSortBy
Fields
| Input Field | Description |
|---|---|
field - CompanyRequestSorts!
|
|
direction - SortDirection
|
Example
{"field": "createdTS", "direction": "asc"}
CompanyRequestSorts
Description
Fields available to sort company requests by; default: createdTS desc
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Primary name of the company |
|
|
|
|
|
|
|
|
|
|
|
Example
"createdTS"
CompanyRequestStatus
Description
Status of a company request
Values
| Enum Value | Description |
|---|---|
|
|
Initial state of the request (open) |
|
|
Analyst has begun work (open) |
|
|
Company has been located or created (open) |
|
|
Company has been footprinted and appears in portfolio (open) |
|
|
Company has scores and analytics (closed) |
|
|
Canceled (closed) |
|
|
Canceled (closed) |
Example
"Received"
CompanyRequestToAdd
Description
Data to include to create a request to add a company to the system and to a client's portfolios of monitored companies, and/or to Cyber Screening
Fields
| Input Field | Description |
|---|---|
portfolioUuid - UUID
|
UUID of portfolio that will hold the requested company if it should be under cyber risk monitoring. Required if addToCyberScreening is false, optional otherwise. The portfolioUuid field in particular is restricted to users with manager (and higher-level) roles (and the rest of the endpoint is restricted to analyst or higher). |
addToCyberScreening - Boolean
|
If selected, add this company to Cyber Screening. If this is the only service requested, portfolioUuid does not need to be set, but it can be if cyber risk monitoring is also desired. The client must have the Cyber Screening license. This endpoint and the addToCyberScreening field in particular are restricted to users with analyst (and higher-level) roles. |
primaryName - String
|
The primary name of the requested company |
primaryDomain - String
|
The primary domain of the requested company. The domain is required unless 'force' is set to true |
clientEntityId - String
|
Client's primary unique ID for the requested company |
clientEntityData - [ClientEntityDataInput!]
|
Additional client-provided IDs/names/domains for the company |
attributes - [String!]
|
Client-provided attributes or tags that can be associated with one or more companies, used for filtering or grouping companies |
notes - String
|
Client-submitted notes |
force - Boolean
|
Force request creation without providing a domain |
Example
{
"portfolioUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"addToCyberScreening": true,
"primaryName": "abc123",
"primaryDomain": "xyz789",
"clientEntityId": "abc123",
"clientEntityData": [ClientEntityDataInput],
"attributes": ["abc123"],
"notes": "abc123",
"force": false
}
CompanyRequestToCancel
Description
Data to provide to cancel a request to add a company to the system and to a client's portfolio
Example
{
"requestUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"reason": "abc123"
}
CompanySearchInfo
Description
This is the holder for CompanyWithSearchResults from a companySearch query against all companies known to BlueVoyant, with counts
Fields
| Field Name | Description |
|---|---|
totalCount - Int64!
|
Count of results regardless of whether they fit within max allowed (500) |
pageLength - Int!
|
Count of results returned |
companySearchResults - [CompanyWithSearchResult!]
|
Companies matching supplied name and/or domain |
Example
{
"totalCount": 123,
"pageLength": 123,
"companySearchResults": [CompanyWithSearchResult]
}
CompanySearchResultMatchedField
Description
Part of the CompanyWithSearchResult type, giving information about a match in a companySearch query
Fields
| Field Name | Description |
|---|---|
ordinal - CompanyMatchedFieldOrdinal!
|
Indicates whether the matched field is primary or secondary (alternate) on the company object, or not on the company object directly |
type - CompanyMatchedFieldType!
|
The type of the field that matched |
value - String!
|
The value of the field that matched |
Example
{
"ordinal": "primary",
"type": "name",
"value": "xyz789"
}
CompanySortBy
Fields
| Input Field | Description |
|---|---|
field - CompanySorts!
|
|
direction - SortDirection
|
Example
{"field": "primaryName", "direction": "asc"}
CompanySorts
Description
Fields available by which to sort companies; default: primaryName/asc
Values
| Enum Value | Description |
|---|---|
|
|
Primary name of the company |
|
|
Primary domain associated with the company |
|
|
The company's industry description |
|
|
|
|
|
|
|
|
Sort on riskScore.score, the overall company score. Companies that have no score (a null score) are not assigned a value of 0; they are sorted separately: with ascending (asc) sort order they appear first (before all scored companies), and with descending (desc) sort order they appear last (after all scored companies). To exclude unscored companies entirely, set a riskScoreMin (and/or riskScoreMax) on the filter, which removes null-scored companies from the results. |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
A bucketing of the risk level |
|
|
|
|
|
The unique BlueVoyant identifier (BV ID) of a company |
Example
"primaryName"
CompanyStatistic
Description
a statistic for a given company returned from the companyInPeriodStatistics query as part of the CompanyStatistics type.
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The unique BlueVoyant identifier (BV ID) of the company. |
value - Float
|
The value associated with the BV ID |
company - CompanyFromSearchResult
|
Get company for the relevant bvid. |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"value": 987.65,
"company": Company
}
CompanyStatistics
Description
Statistics broken out by company, returned from the companyInPeriodStatistics query
Fields
| Field Name | Description |
|---|---|
meanCompanyScores - [CompanyStatistic!]
|
Mean score per company across the time period. Only includes companies currently monitored. |
Arguments
|
|
meanTimeToResolve - [CompanyStatistic!]
|
Mean time for a company to resolve a case for this client, in days |
Arguments
|
|
Example
{
"meanCompanyScores": [CompanyStatistic],
"meanTimeToResolve": [CompanyStatistic]
}
CompanyStatus
Description
A singular value reflecting the state of finding remediation on the company.
Active is the default where nothing else applies.
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"Remediation_in_Progress"
CompanySummarizedCountFilter
Example
{
"portfolios": ["xyz789"],
"categories": ["xyz789"],
"vendors": ["xyz789"],
"products": ["abc123"]
}
CompanySummarizedCountInfo
Fields
| Field Name | Description |
|---|---|
totalCount - Int!
|
The total count of objects that match the user's request regardless of how many were returned. |
pageLength - Int!
|
The amount of objects returned to the user. |
items - [CompanySummarizedCounts]
|
The list of objects that match the user's request. |
Example
{
"totalCount": 123,
"pageLength": 123,
"items": [CompanySummarizedCounts]
}
CompanySummarizedCountSort
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"portfolioName"
CompanySummarizedCountSortBy
Fields
| Input Field | Description |
|---|---|
field - CompanySummarizedCountSort!
|
Field by which to sort vendors. Default = portfolioName |
direction - SummarizedSortDirection
|
Direction in which to sort users (asc/desc). Default = asc |
Example
{"field": "portfolioName", "direction": "asc"}
CompanySummarizedCounts
Fields
| Field Name | Description |
|---|---|
portfolio - String!
|
The portfolio of this portfolio/client/category/vendor/product combination. |
category - String!
|
The category of this portfolio/client/category/vendor/product combination. |
vendor - String!
|
The vendor of this portfolio/client/category/vendor/product combination. |
product - String!
|
The product of this portfolio/client/category/vendor/product combination. |
totalCount - Int!
|
The total amount of companies in this portfolio/client/category/vendor/product combination. |
companies - [String!]
|
The companies of this portfolio/client/category/vendor/product combination. |
Example
{
"portfolio": "xyz789",
"category": "xyz789",
"vendor": "xyz789",
"product": "xyz789",
"totalCount": 123,
"companies": ["xyz789"]
}
CompanyWithSearchResult
Description
Result of a companySearch query against all companies known to BlueVoyant
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The BV ID, the unique identifier for the company |
company - CompanyFromSearchResult
|
The company matching the search criteria Only limited fields from the company object can be requested when using this endpoint: bvid, primaryName, primaryDomain, firmographicFields*, _typename, attributes, clientEntityIds, clientEntityData*, portfolios*, serviceAttributes* |
alternateNames - [String!]
|
Alternate, or secondary, names for the company |
alternateDomains - [String!]
|
Alternate, or secondary, domains for the company |
complex - Boolean!
|
If true, indicates a company with a potentially large customer space such as telecom providers, universities, cloud providers, SAAS providers, etc. Approval is needed to add a complex company to a portfolio. |
matchScore - Float!
|
The score for the match. 100 indicates an exact match. All matches with scores of at least 20 are provided, up to 500 matches. |
matchType - String!
|
The type of match, indicating the field(s) matched, and whether the match was exact or fuzzy. Can be one of "Entity Domain/Name", "Entity Domain Only", "Entity Name Only", "Entity Footprint Domain", "Entity Domain/Name (fuzzy)", "Entity Domain (fuzzy)", "Entity Name (fuzzy)", "DomainLogoMatch Domain". Matches are exact unless 'fuzzy' is indicated. "Entity Footprint Domain" indicates that the exact domain was found in the company's footprint rather than being associated with the company object directly. "DomainLogoMatch Domain" indicates that the logo of the company matched the requested domain's logo. |
matchedFields - [CompanySearchResultMatchedField!]
|
Information about the field(s) matched |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"company": Company,
"alternateNames": ["abc123"],
"alternateDomains": ["xyz789"],
"complex": false,
"matchScore": 987.65,
"matchType": "xyz789",
"matchedFields": [CompanySearchResultMatchedField]
}
ConfidenceLevel
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"low"
ContactFilter
Description
Filter for contacts
Fields
| Input Field | Description |
|---|---|
bvids - [UUID!]
|
Filter contacts by one or more BV IDs the contact is associated with. Default = null |
contactNames - [String!]
|
Filter contacts by one or more names, with wildcard matching. Default = null |
ids - [Int!]
|
Filter contacts by one or more IDs |
emails - [String!]
|
Filter contacts by one or more exact emails (case insensitively) |
sortBy - [ContactSortBy]
|
Sort returned roles by specified fields and directions |
Example
{
"bvids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"contactNames": ["xyz789"],
"ids": [123],
"emails": ["abc123"],
"sortBy": [ContactSortBy]
}
ContactSortBy
Fields
| Input Field | Description |
|---|---|
field - ContactSorts!
|
Field by which to sort contacts |
direction - SortDirection
|
Direction in which to sort contacts (asc/desc). Default = asc |
Example
{"field": "contactName", "direction": "asc"}
ContactSorts
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"contactName"
ContactToDelete
Description
Input to delete a contact
Fields
| Input Field | Description |
|---|---|
id - Int!
|
Example
{"id": 987}
CountryDomainCount
Description
Country code and its number of domains with hostnames resolving to IP addresses in the footprint
Fields
| Field Name | Description |
|---|---|
countryCode - String!
|
The country as a two-letter code |
netGeoCountry - String!
|
The name of the country or territory, lower case. Generally corresponds to the ISO 3166 English-language short name, but may be simplified or reflect a previously allocated name |
domainCount - Int64!
|
The number of domains with hostnames resolving to IP addresses associated with the country |
hostCount - Int64!
|
The number of hostnames resolving to IP addresses associated with the country |
Example
{
"countryCode": "abc123",
"netGeoCountry": "xyz789",
"domainCount": 123,
"hostCount": 123
}
CountryIPCount
Description
Country code and its number of IP addresses from the company's footprint that are geolocated in the country
Example
{
"countryCode": "abc123",
"netGeoCountry": "abc123",
"ipCount": 123
}
DataDictionary
Fields
| Field Name | Description |
|---|---|
industryCodes - [DictionaryValue!]!
|
The NAICS codes this API knows about |
riskLevels - [DictionaryValue!]!
|
How to map scores to risk levels |
severityLabels - [DictionaryValue!]!
|
|
findingCodes - [DictionaryValue!]!
|
Finding codes and summaries. Finding code is an integer that represents the specific type of a finding. |
Arguments
|
|
findingDescriptions - [DictionaryValue!]!
|
Finding codes and descriptions. Finding code is an integer that represents the specific type of a finding. |
Arguments
|
|
insightCodes - [DictionaryValue!]!
|
Insight finding codes and summaries |
attackSurfaceCodes - [DictionaryValue!]!
|
Attack surface finding codes and summaries |
questionnaireGroups - [DictionaryValue!]!
|
Questionnaire group names and their associated finding codes. Finding codes are represented as comma separated strings of integers. |
Example
{
"industryCodes": [DictionaryValue],
"riskLevels": [DictionaryValue],
"severityLabels": [DictionaryValue],
"findingCodes": [DictionaryValue],
"findingDescriptions": [DictionaryValue],
"insightCodes": [DictionaryValue],
"attackSurfaceCodes": [DictionaryValue],
"questionnaireGroups": [DictionaryValue]
}
Desk
DeskLookup
DeskType
Description
The type of desk used to group users with TPRM clients
Values
| Enum Value | Description |
|---|---|
|
|
The type of desk associated with users in portal (commercial) Okta |
|
|
Desks for government clients and users |
|
|
The type of desk that exists internally |
Example
"okta"
Detail
Description
A complete finding detail result. Part of the DetailInfo type, returned by the findingInfo query.
Not every field is associated with every finding code. A list of finding codes, and their associated fields, can be found here. Standard fields on every detail are bvid, status, statusText, findingCode, findingHash, variant, assessmentDateBegin, assessmentDateEnd, observationTimesSeen, observationTimestampFirst, observationTimestampLast.
Fields
| Field Name | Description |
|---|---|
bvid - UUID
|
The unique BlueVoyant identifier (BV ID) of the company. A standard field. |
status - String
|
The status of the finding detail. It can be either 'open' or 'closed'. A standard field. |
statusText - String
|
A slightly more descriptive status. It can be 'No Longer Observed', 'Closed by Analyst', 'False Positive', or 'Closed', or '' for open details. A standard field. |
findingCode - Int
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. A standard field. |
findingHash - String
|
An ID of int64 type that is unique for a BV ID, variant, and finding code. A standard field. |
variant - Int64
|
Used to uniquely identify each company footprint. A standard field. |
assessmentDateBegin - String
|
The start of the scoring assessment period. A standard field. |
assessmentDateEnd - String
|
The end of the scoring assessment period. A standard field. |
observationTimesSeen - Int
|
The number of times observed during footprinting. A standard field. |
observationTimestampFirst - String
|
The first time this entity was observed during footprinting. A standard field. |
observationTimestampLast - String
|
The most recent time the entity was observed during footprinting. A standard field. |
requestingIp - String
|
The IP address of the requesting entity. |
nameserverIp - String
|
The IP address for the name server. |
answerIp - String
|
The IP addess of the answering entity. |
qnames - [String]
|
A list of all qualified names for the entity. These are the fully qualified names of an element, attribute, or identifier in an XML document. |
threatType - String
|
The kind of threat this entity is. i.e. botnet, ransomware, malware, etc. |
domain - String
|
The domain of this entity. |
blacklistedIp - String
|
The blacklisted IP address of an entity. |
clientIp - String
|
The client's IP address that is related to this entity. |
count - Int
|
The number of vulnerabilities found. |
destPort - Int
|
The destination port of the entity. |
details - String
|
More details about some findings, specific to the finding code. For example it could list the CVE ID's the finding has. |
dkimSelector - String
|
DKIM specifies the DNS location of the public key. |
encryptionType - String
|
What kind of encryption this finding detail is using. |
ip - String
|
The IP address of this finding. |
lastObservedInternalIp - String
|
The last observed IP on the local network. |
lastObservedPublicIp - String
|
The last observed public-facing IP. |
observationDates - String
|
The list of dates this finding was observed. |
observationOpenStatus - String
|
Whether or not we are still observing this finding. |
port - Int
|
The port number of a finding. |
protocol - Int
|
The protocol this finding used |
qname - String
|
Qualified Name of the finding. These are the fully qualified names of an element, attribute, or identifier in an XML document. |
ransomwareCompanyName - String
|
The name of the company allegedly affected by this ransomware attack. |
ransomwareCompanyUrl - String
|
The URL of the company allegedly affected by this ransomware attack. |
ransomwareSiteName - String
|
The common name of the site that claims this ransomware attack. |
record - String
|
An SPF record identifies the mail servers and domains that are allowed to send email on behalf of your domain. |
scannedHost - String
|
The IP of the host being scanned. |
scannedPort - Int
|
The port of the host being scanned. |
serviceNames - String
|
The name of the service running at this finding. e.g. beanstalkd, anyconnect, mysql, etc. |
srcPort - Int
|
The port number the request is originating from. |
userAgent - String
|
The User-Agent request header is a characteristic string that lets servers and network peers identify the application, operating system, vendor, and/or version of the requesting user agent. |
cname - String
|
A Canonical Name or CNAME record is a type of DNS record that maps an alias name to a true or canonical domain name. |
serviceProvider - String
|
The name of the service that was using this dangling DNS record. |
wildcard - Boolean
|
Whether or not this dangling DNS record is a wildcard or not. |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"status": "abc123",
"statusText": "abc123",
"findingCode": 123,
"findingHash": 9039052908188215000,
"variant": 123,
"assessmentDateBegin": "2024-01-01T00:00:00Z",
"assessmentDateEnd": "2024-01-30T00:00:00Z",
"observationTimesSeen": 987,
"observationTimestampFirst": "abc123",
"observationTimestampLast": "abc123",
"requestingIp": "xyz789",
"nameserverIp": "abc123",
"answerIp": "xyz789",
"qnames": ["abc123"],
"threatType": "abc123",
"domain": "abc123",
"blacklistedIp": "abc123",
"clientIp": "xyz789",
"count": 987,
"destPort": 123,
"details": "abc123",
"dkimSelector": "abc123",
"encryptionType": "xyz789",
"ip": "abc123",
"lastObservedInternalIp": "xyz789",
"lastObservedPublicIp": "xyz789",
"observationDates": "xyz789",
"observationOpenStatus": "abc123",
"port": 987,
"protocol": 123,
"qname": "xyz789",
"ransomwareCompanyName": "xyz789",
"ransomwareCompanyUrl": "abc123",
"ransomwareSiteName": "abc123",
"record": "abc123",
"scannedHost": "xyz789",
"scannedPort": 123,
"serviceNames": "xyz789",
"srcPort": 123,
"userAgent": "abc123",
"cname": "abc123",
"serviceProvider": "xyz789",
"wildcard": false
}
DetailFilter
Description
Part of the Finding type for detailInfo, used by the findingInfo query.
Fields
| Input Field | Description |
|---|---|
detailStatus - String
|
Deprecated. Use 'statuses' field. |
statuses - [DetailStatus!]
|
Status can be 'open' or 'closed' |
statusTexts - [DetailStatusText!]
|
Status text is a more descriptive status (for closed details) |
sortBy - [DetailSortBy]
|
Contains the fields and direction you can sort by. NOTE: At present, sorting by multiple fields is not supported. Default = null |
Example
{
"detailStatus": "xyz789",
"statuses": ["closed"],
"statusTexts": ["Open"],
"sortBy": [DetailSortBy]
}
DetailInfo
Description
This is the holder for details, part of the Finding type, from a findingInfo query, with pagination and counts
Fields
| Field Name | Description |
|---|---|
details - [Detail]!
|
Details (observations) associated with a finding |
limit - Int!
|
Offset and limit echo back the parameters |
offset - Int!
|
Limit and offset echo back the parameters |
pageLength - Int!
|
The number of details returned per finding hash. |
totalCount - Int64!
|
Total count available for paged return, per finding hash; negative if not counted; if not counted negative value is taken from the number of unique details |
Example
{
"details": [Detail],
"limit": 987,
"offset": 987,
"pageLength": 123,
"totalCount": 123
}
DetailSortBy
Description
Part of the DetailFilter type, used by the findingInfo query.
Fields
| Input Field | Description |
|---|---|
field - DetailsSorts!
|
Field by which to sort findings. Which fields you can sort by are dependent on the finding code you are requesting. |
direction - SortDirection
|
Direction in which to sort findings (asc/desc). Default = asc |
Example
{"field": "assessmentDateBegin", "direction": "asc"}
DetailStatus
Description
Input to statuses field in DetailFilter type, used by the findingInfo query.
Values
| Enum Value | Description |
|---|---|
|
|
Filter on whether the detail is closed |
|
|
Filter on whether the detail is open/active |
Example
"closed"
DetailStatusText
Description
Input to statusTexts field in DetailFilter type, used by the findingInfo query.
Values
| Enum Value | Description |
|---|---|
|
|
The detail has status 'open' |
|
|
A resolution when the detail has status 'closed' |
|
|
A resolution when the detail has status 'closed' |
|
|
A resolution when the detail has status 'closed' |
Example
"Open"
DetailsSorts
Description
Field by which to sort finding details, used by the DetailSortBy type for the Detail type. Which fields you can sort by are dependent on the finding code you are requesting.
Values
| Enum Value | Description |
|---|---|
|
|
The start of the scoring assessment period. A standard field. |
|
|
The end of the scoring assessment period. A standard field. |
|
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. A standard field. |
|
|
An ID of int64 type that is unique for a BV ID, variant, and finding code. A standard field. |
|
|
Used to uniquely identify each company footprint. A standard field. |
|
|
The number of times observed during footprinting. A standard field. |
|
|
The first time this entity was observed during footprinting. A standard field. |
|
|
The most recent time the entity was observed during footprinting. A standard field. |
|
|
The domain of this entity. |
|
|
The status of the finding detail. Values are 'open' or 'closed'. (Sorts in string order.) |
|
|
A slightly more descriptive status. Values are 'No Longer Observed', 'Closed by Analyst', 'False Positive', 'Closed', or '' for open details. (Sorts in string order.) |
|
|
The unique BlueVoyant identifier (BV ID) of the company. A standard field. |
|
|
The IP address of the answering entity. |
|
|
The blacklisted IP address of an entity. |
|
|
The client's IP address that is related to this entity. |
|
|
The number of vulnerabilities found. |
|
|
The destination port of the entity. |
|
|
More details about some findings, specific to the finding code. For example it could list the CVE IDs the finding has. This field is in a stringified JSON format. |
|
|
DKIM specifies the DNS location of the public key. |
|
|
What kind of encryption this finding detail is using. |
|
|
The IP of this finding. |
|
|
The last observed IP on the local network. |
|
|
The last observed public-facing IP. |
|
|
The IP for the name server. |
|
|
The list of dates this finding was observed. |
|
|
Whether or not we are still observing this finding. |
|
|
The port number of a finding. |
|
|
The protocol this finding used |
|
|
Qualified Name of the finding. These are the fully qualified names of an element, attribute, or identifier in an XML document. |
|
|
A list of all qualified names for the entity. These are the fully qualified names of an element, attribute, or identifier in an XML document. |
|
|
The name of the company allegedly affected by this ransomware attack. |
|
|
The URL of the company allegedly affected by this ransomware attack. |
|
|
The common name of the site that claims this ransomware attack. |
|
|
An SPF record identifies the mail servers and domains that are allowed to send email on behalf of your domain. |
|
|
IP of the requesting pDNS entity. |
|
|
The IP of the host being scanned. |
|
|
The name of the service running at this finding. e.g. beanstalkd, anyconnect, mysql, etc. |
|
|
The port number the request is originating from. |
|
|
The kind of threat this entity is. i.e. botnet, ransomware, malware, etc. |
|
|
The User-Agent request header is a characteristic string that lets servers and network peers identify the application, operating system, vendor, and/or version of the requesting user agent. |
|
|
A Canonical Name or CNAME record is a type of DNS record that maps an alias name to a true or canonical domain name. |
|
|
The name of the service that was using this dangling DNS record. |
|
|
Whether or not this dangling DNS record is a wildcard or not. |
Example
"assessmentDateBegin"
DictionaryValue
DistinctVendorDependency
Fields
| Input Field | Description |
|---|---|
search - String
|
If you provide any substring in the search field the query will only return values that contain that substring. |
field - VendorDependencyDistinctField!
|
An enumerated argument. The query will return unique values on the field you give it. [product, category, vendor, and companyName]. Default = category |
Example
{"search": "xyz789", "field": "product"}
DomainCountry
Description
Registration information plus a single country of resolution for a domain
Fields
| Field Name | Description |
|---|---|
domainData - DomainInfo!
|
Registration data for a domain, plus all countries of resolution |
countryHostData - DomainCountryHostData
|
Example
{
"domainData": DomainInfo,
"countryHostData": DomainCountryHostData
}
DomainCountryFilter
Description
Filters for domain/country of resolution records associated with a footprint
Fields
| Input Field | Description |
|---|---|
countryCodes - [String!]
|
Filter by exact, case-insensitive, two-letter (but not necessarily ISO 3166-1 alpha-2) country codes from IP addresses associated with hostnames in the domain. Associated with the countryCode field of the DomainCountry type. |
netGeoCountries - [String!]
|
Filter by exact, case-insensitive country names from IP addresses associated with hostnames in the domain. Associated with the netGeoCountryCode field of the DomainCountry type. |
domains - [String!]
|
Filter by exact, case-insensitive domains. Use either this filter or the domainsWildcard filter but not both. |
domainsWildcard - [String!]
|
Filter by partial, case-insensitive domains. Use either this filter or the domains filter but not both. |
Example
{
"countryCodes": ["abc123"],
"netGeoCountries": ["xyz789"],
"domains": ["xyz789"],
"domainsWildcard": ["xyz789"]
}
DomainCountryHostData
Description
Number of hostnames associated with each domain/country as determined by resolving the IP address of each hostname in the domain to a country
Fields
| Field Name | Description |
|---|---|
netGeoCountry - String
|
The name of the country or territory, lower case. Generally corresponds to the ISO 3166 English-language short name, but may be simplified or reflect a previously allocated name |
countryCode - String
|
The country as a two-letter (not necessarily ISO) code |
hostCount - Int
|
Number or hosts observed for this domain/country combination |
Example
{
"netGeoCountry": "abc123",
"countryCode": "abc123",
"hostCount": 123
}
DomainCountryInfo
Description
This is the holder for domain/country resolution records, from a companyInfo query, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int64!
|
Count of domain/country records matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of domain/country records returned |
domainCountries - [DomainCountry!]
|
Domain/country of resolution records from domains in the company's footprint |
Example
{
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"domainCountries": [DomainCountry]
}
DomainCountrySortBy
Description
Fields/directions used to sort domain/country of resolution records
Fields
| Input Field | Description |
|---|---|
field - DomainCountrySorts!
|
|
direction - SortDirection
|
Example
{"field": "domain", "direction": "asc"}
DomainCountrySorts
Description
Fields used to sort domain/country of resolution records
Values
| Enum Value | Description |
|---|---|
|
|
Default sort field |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Registration street address - the location of the organization that registered the domain |
|
|
Registration state - the location of the organization that registered the domain |
|
|
Registration country - the location of the organization that registered the domain |
|
|
Country with hostname resolutions (whose IPs resolve to a particular country) |
|
|
Country code with hostname resolutions (whose IPs resolve to a particular country) |
|
|
Number of hostname resolutions for this domain/country |
Example
"domain"
DomainFilter
Description
Filters for domain records associated with a footprint
Example
{
"domains": ["xyz789"],
"domainsWildcard": ["abc123"]
}
DomainInfo
Description
Registration information and hostname resolution for a domain
Fields
| Field Name | Description |
|---|---|
address - String
|
Registration street address - the location of the organization that registered the domain |
certificates - [String]
|
|
city - String
|
Registration city - the location of the organization that registered the domain |
country - String
|
Registration country - the location of the organization that registered the domain |
domain - String!
|
A domain belonging to the company |
emails - [String!]
|
|
nameServers - [String]
|
|
registrantName - String!
|
|
registrantOrganization - String!
|
|
registrar - String!
|
|
state - String
|
Registration state - the location of the organization that registered the domain |
tags - [TagInfo!]
|
|
adminOrganization - String
|
|
attributionSummary - String
|
Short explanation of how this domain was attributed to the company. |
hostCounts - [DomainCountryHostData!]
|
Counts of observed hostnames under this domain, broken out by country based on geolocation of the returned IP |
Example
{
"address": "xyz789",
"certificates": ["abc123"],
"city": "abc123",
"country": "xyz789",
"domain": "xyz789",
"emails": ["abc123"],
"nameServers": ["xyz789"],
"registrantName": "abc123",
"registrantOrganization": "abc123",
"registrar": "xyz789",
"state": "abc123",
"tags": [TagInfo],
"adminOrganization": "abc123",
"attributionSummary": "xyz789",
"hostCounts": [DomainCountryHostData]
}
DomainListInfo
Description
Paginated list of a company's domain-based assets in its public-facing internet footprint. Returned by companyInfo.domainInfo and supports filtering by domain name. For per-domain hostname-resolution country counts (i.e. where each domain's hostnames resolve geographically) see also DomainCountryInfo. This is the holder for domains, with pagination and counts.
Synonyms: domains, web assets, hostnames, internet assets.
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int64!
|
Count of domains matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of domains returned |
domains - [DomainInfo!]
|
Domain assets in the company's footprint, including registration metadata and per-domain country resolution counts. |
Example
{
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 987,
"domains": [DomainInfo]
}
DomainSortBy
Description
Fields/directions used to sort domain records
Fields
| Input Field | Description |
|---|---|
field - DomainSorts!
|
|
direction - SortDirection
|
Example
{"field": "domain", "direction": "asc"}
DomainSorts
Description
Fields used to sort domain records
Values
| Enum Value | Description |
|---|---|
|
|
Default sort field |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Registration street address - the location of the organization that registered the domain |
|
|
Registration state- the location of the organization that registered the domain |
|
|
Registration country - the location of the organization that registered the domain |
Example
"domain"
EVSortBy
Description
Fields/directions by which to sort EmergingVulnerability details
Fields
| Input Field | Description |
|---|---|
field - EVSorts!
|
|
direction - SortDirection
|
Example
{"field": "id", "direction": "asc"}
EVSorts
Description
Fields available by which to sort EmergingVulnerability details; default: id/asc
Values
| Enum Value | Description |
|---|---|
|
|
Emerging vulnerability ID |
|
|
Title of the emerging vulnerability |
|
|
Description of the emerging vulnerability |
|
|
The unique BlueVoyant identifier (BV ID) of the company. |
|
|
Primary name of the company |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Number of notification emails sent regarding the associated company (third party), either to the company directly through its own case or via a bulk notification to the client |
Example
"id"
EVSummarySortBy
Fields
| Input Field | Description |
|---|---|
field - EVSummarySorts!
|
|
direction - SortDirection
|
Example
{"field": "id", "direction": "asc"}
EVSummarySorts
Description
Fields available by which to sort emerging vulnerability summaries; default: title/asc
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"id"
EmailDkimDmarcSpf
Description
An emails domain and relevant informattion.
Example
{
"domain": "abc123",
"isPresent": true,
"isPrimaryDomain": false,
"isSecure": true
}
EmailDkimDmarcSpfInfo
Description
Information about an email address and authentication method.
Fields
| Field Name | Description |
|---|---|
pageLength - Int!
|
How many were returned in this query. |
totalCount - Int64!
|
How many total there are. |
emails - [EmailDkimDmarcSpf!]
|
A list of emails and relevant information. |
Example
{
"pageLength": 987,
"totalCount": 123,
"emails": [EmailDkimDmarcSpf]
}
EmailSaasInsight
Description
Insight indicating that an email Saas solution was detected on a domain in a monitored company's footprint (or, with finding code 2000037, that no email security was detected for domain)
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The unique BlueVoyant identifier (BV ID) of the company associated with this insight |
domain - String!
|
The company footprint's domain on which a Saas solution was detected |
match - String
|
The term that matched and found the Saas solution |
findingCode - Int64!
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
category - String
|
The category associated with the product |
vendor - String
|
Name of the vendor providing the Saas solution |
product - String
|
The SaaS solution product detected |
updatedTS - Time!
|
The time the insight was last updated |
lastObservedTS - Time!
|
The time the insight was last observed |
company - CompanyByService
|
Company associated with the insight |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"domain": "abc123",
"match": "abc123",
"findingCode": 123,
"category": "xyz789",
"vendor": "xyz789",
"product": "abc123",
"updatedTS": "2024-02-06T20:24:21Z",
"lastObservedTS": "2024-02-06T20:24:21Z",
"company": Company
}
EmailSaasInsightsInfo
Description
This is the holder for email Saas insights from the insightsInfo query, with pagination and counts
Fields
| Field Name | Description |
|---|---|
EmailSaasInsights - [EmailSaasInsight!]
|
An array of email SaaS insights with whatever filters applied. |
totalCount - Int64!
|
The total number of objects that fit the filter given regardless of limit. |
pageLength - Int!
|
The total amount of objects returned to user. Between zero and the limit provided. |
Example
{
"EmailSaasInsights": [EmailSaasInsight],
"totalCount": 123,
"pageLength": 123
}
EmailSaasSort
Values
| Enum Value | Description |
|---|---|
|
|
The category associated with the product |
|
|
The category associated with the product |
|
|
The product detected |
|
|
The time the insight was last updated (process date) |
|
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
|
|
The unique BlueVoyant identifier (BV ID) of the company associated with this insight |
|
|
Primary name of the company |
|
|
Name of the portfolio containing the company |
|
|
The last time this specific insight was observed or validated |
Example
"category"
EmailSaasSortBy
Fields
| Input Field | Description |
|---|---|
field - EmailSaasSort!
|
Field by which to sort vendors. Default = updatedTS |
direction - SortDirection
|
Direction in which to sort vendors (asc/desc). Default = asc |
Example
{"field": "category", "direction": "asc"}
EmergingVulnerability
Description
Information about emerging vulnerabilities detected for a company. Generally these are recently revealed vulnerabilities that our analysts have manually located in our data and are not yet available as findings. This is the company-specific detail.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
Unique ID of the emerging vulnerability |
title - String!
|
Title of the emerging vulnerability |
description - String
|
Description of the emerging vulnerability |
bvid - UUID!
|
BV ID of the associated company (third party) |
primaryName - String!
|
Primary name of the associated company |
firstEscalationDate - String
|
|
lastEscalationDate - String
|
|
thirdPartyAcknowledgedDate - String
|
|
thirdPartyMitigatedDate - String
|
|
emailsSent - Int!
|
Number of notification emails sent regarding the associated company (third party), either to the company directly through its own case or via a bulk notification to the client. If the number of emails sent is at least 1, the company is considered 'notified.' |
company - CompanyFromSearchResult
|
Company associated with the emerging vulnerability. At this time, only companies currently in the client's external_regular portfolios appear here (type Company). |
Example
{
"id": 4,
"title": "abc123",
"description": "abc123",
"bvid": "15218dcb-f184-41f1-ac33-a5a3368afd9c",
"primaryName": "abc123",
"firstEscalationDate": "2022-11-30T21:15:13Z",
"lastEscalationDate": "2022-11-30T21:15:13Z",
"thirdPartyAcknowledgedDate": "2022-11-30T21:15:13Z",
"thirdPartyMitigatedDate": "2022-11-30T21:15:13Z",
"emailsSent": 123,
"company": Company
}
EmergingVulnerabilityDetailFilter
Description
Fields available by which to filter emerging vulnerability details (companies/third parties) under the EmergingVulnerabilitySummary type in the emergingVulnerabilitySummaryInfo query.
Fields
| Input Field | Description |
|---|---|
bvids - [UUID!]
|
BVIDs to filter on. Default = null |
minFirstEscalationDate - String
|
Min first escalation date to filter on for emerging vulnerability details. Default = null |
maxFirstEscalationDate - String
|
Max first escalation date to filter on for emerging vulnerability details. Default = null |
minLastEscalationDate - String
|
Min last escalation date to filter on for emerging vulnerability details. Default = null |
maxLastEscalationDate - String
|
Max last escalation date to filter on for emerging vulnerability details. Default = null |
thirdPartyAcknowledged - Boolean
|
Filter upon the third party acknowledged boolean value. Default = null |
thirdPartyMitigated - Boolean
|
Filter upon the third party mitigated boolean value. Default = null |
minEmailsSent - Int
|
Filter on the minimum number of emails sent for emerging vulnerability details. If the number of emails sent is at least 1, the company is considered 'notified.'. Default = null |
maxEmailsSent - Int
|
Filter on the maximum number of emails sent to filter sent for emerging vulnerability details. Default = null |
portfolioUuids - [UUID!]
|
Limit displayed emerging vulnerabilities to those associated with companies currently in the specified external portfolios. Default = null |
attributes - [String!]
|
Limit displayed emerging vulnerabilities to those associated with companies with the specified attributes in the client's external portfolios. Default = null |
Example
{
"bvids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"minFirstEscalationDate": "xyz789",
"maxFirstEscalationDate": "abc123",
"minLastEscalationDate": "abc123",
"maxLastEscalationDate": "xyz789",
"thirdPartyAcknowledged": false,
"thirdPartyMitigated": false,
"minEmailsSent": 123,
"maxEmailsSent": 123,
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"attributes": ["xyz789"]
}
EmergingVulnerabilityFilter
Description
Fields available by which to filter emerging vulnerability details
Fields
| Input Field | Description |
|---|---|
ids - [Int!]
|
|
titles - [String!]
|
titles does a wildcard match on each provided title. Default = null |
bvids - [UUID!]
|
|
minFirstEscalationDate - String
|
|
maxFirstEscalationDate - String
|
|
minLastEscalationDate - String
|
|
maxLastEscalationDate - String
|
|
thirdPartyAcknowledged - Boolean
|
|
thirdPartyMitigated - Boolean
|
|
minEmailsSent - Int
|
Filter on the minimum number of emails sent for emerging vulnerability details. If the number of emails sent is at least 1, the company is considered 'notified.'. Default = null |
maxEmailsSent - Int
|
Filter on the maximum number of emails sent for emerging vulnerability details. Default = null |
portfolioUuids - [UUID!]
|
Limit displayed emerging vulnerabilities to those associated with companies currently in the specified external portfolios. Default = null |
attributes - [String!]
|
Limit displayed emerging vulnerabilities to those associated with companies with the specified attributes in the client's external portfolios. Default = null |
sortBy - [EVSortBy]
|
Example
{
"ids": [123],
"titles": ["abc123"],
"bvids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"minFirstEscalationDate": "abc123",
"maxFirstEscalationDate": "abc123",
"minLastEscalationDate": "abc123",
"maxLastEscalationDate": "xyz789",
"thirdPartyAcknowledged": true,
"thirdPartyMitigated": false,
"minEmailsSent": 987,
"maxEmailsSent": 987,
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"attributes": ["xyz789"],
"sortBy": [EVSortBy]
}
EmergingVulnerabilityInfo
Description
This is the holder for emerging vulnerability details detected for a company, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Offset and limit echo back the parameters |
totalCount - Int!
|
Count of emerging vulnerabilities matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of emerging vulnerabilities returned |
emergingVulnerabilities - [EmergingVulnerability!]
|
Example
{
"offset": 987,
"limit": 123,
"totalCount": 123,
"pageLength": 123,
"emergingVulnerabilities": [EmergingVulnerability]
}
EmergingVulnerabilitySummary
Description
This is the emerging vulnerability summary, containing general information about the emerging vulnerability and the number of third parties (monitored companies) affected by it, if any.
Fields
| Field Name | Description |
|---|---|
id - ID!
|
Unique ID of the emerging vulnerability |
title - String!
|
Title of the emerging vulnerability |
description - String
|
Description of the emerging vulnerability |
notificationDetails - String
|
Markdown text of the generic portion of the notification email sent to clients about the emerging vulnerability |
versionIdentified - Boolean
|
Whether the version of the software affected by the emerging vulnerability was identified |
notificationDate - String
|
Date the emerging vulnerability was published |
numOfThirdPartiesIdentified - Int!
|
Number of companies (third parties) that have been identified as being affected by this emerging vulnerability |
numOfThirdPartiesNotified - Int!
|
Number of companies (third parties) that have had at least one email sent regarding this emerging vulnerability, either to them directly through their own cases or via a bulk notification to the client |
numOfThirdPartiesAcknowledged - Int!
|
Number of companies (third parties) that have acknowledged a notification of this emerging vulnerability |
numOfThirdPartiesMitigated - Int!
|
Number of companies (third parties) that have mitigated this emerging vulnerability |
cves - [CVE!]
|
Array of associated CVEs |
productsAffected - [String!]
|
Array of products affected for the emerging vulnerability |
findingsFirstAddedTS - String
|
Timestamp when any findings were first associated with the emerging vulnerability |
findingCodes - [Int64!]
|
Array of finding codes associated with this emerging vulnerability |
emergingVulnerabilityInfo - EmergingVulnerabilityInfo
|
Emerging vulnerability details (companies/third parties) associated with the emerging vulnerability |
Arguments
|
|
Example
{
"id": "4",
"title": "abc123",
"description": "abc123",
"notificationDetails": "xyz789",
"versionIdentified": false,
"notificationDate": "2022-11-30T21:15:13Z",
"numOfThirdPartiesIdentified": 987,
"numOfThirdPartiesNotified": 123,
"numOfThirdPartiesAcknowledged": 123,
"numOfThirdPartiesMitigated": 123,
"cves": [CVE],
"productsAffected": ["xyz789"],
"findingsFirstAddedTS": "abc123",
"findingCodes": [123],
"emergingVulnerabilityInfo": EmergingVulnerabilityInfo
}
EmergingVulnerabilitySummaryFilter
Description
Fields available by which to filter emerging vulnerability summary information. Null dates are assumed to indicate no restriction on date. Date in 'YYYY-MM-DD' format. Nulls for other parameters indicate no restriction in that dimension.
If portfolioUuids and attributes are used, emerging vulnerabilites will be limited to those associated with the companies in the portfolios or with the attributes. Without these filters, all emerging vulnerabilities (matching the other filters, if any) will be returned, regardless of whether any of the client's companies are affected by them. (In other words, with those filters, the number of third parties identified will be at least one.)
Fields
| Input Field | Description |
|---|---|
ids - [Int!]
|
Limit returned emerging vulnerability summaries to the specified IDs. Default = null |
titles - [String!]
|
Limit returned emerging vulnerability summaries to the specified titles, with a wildcard search. Default = null |
minNotificationDate - String
|
|
maxNotificationDate - String
|
|
versionIdentified - Boolean
|
|
minNumOfThirdPartiesIdentified - Int
|
|
maxNumOfThirdPartiesIdentified - Int
|
|
minNumOfThirdPartiesNotified - Int
|
|
maxNumOfThirdPartiesNotified - Int
|
|
minNumOfThirdPartiesAcknowledged - Int
|
|
maxNumOfThirdPartiesAcknowledged - Int
|
|
minNumOfThirdPartiesMitigated - Int
|
|
maxNumOfThirdPartiesMitigated - Int
|
|
portfolioUuids - [UUID!]
|
Limit returned emerging vulnerability summaries to those associated with companies currently in the specified (external_regular) portfolios. Default = null |
attributes - [String!]
|
Limit returned emerging vulnerability summaries to those associated with companies with the specified attributes in the client's (external_regular) portfolios. Default = null |
sortBy - [EVSummarySortBy]
|
Fields by which to sort emerging vulnerability summaries |
Example
{
"ids": [123],
"titles": ["xyz789"],
"minNotificationDate": "xyz789",
"maxNotificationDate": "xyz789",
"versionIdentified": true,
"minNumOfThirdPartiesIdentified": 123,
"maxNumOfThirdPartiesIdentified": 987,
"minNumOfThirdPartiesNotified": 987,
"maxNumOfThirdPartiesNotified": 123,
"minNumOfThirdPartiesAcknowledged": 987,
"maxNumOfThirdPartiesAcknowledged": 987,
"minNumOfThirdPartiesMitigated": 987,
"maxNumOfThirdPartiesMitigated": 123,
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"attributes": ["xyz789"],
"sortBy": [EVSummarySortBy]
}
EmergingVulnerabilitySummaryInfo
Description
This is the holder for emerging vulnerability summaries, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Offset and limit echo back the parameters |
totalCount - Int!
|
Count of emerging vulnerability summaries matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of emerging vulnerability summaries returned |
emergingVulnerabilitySummaries - [EmergingVulnerabilitySummary!]
|
Summary information about each emerging vulnerability, as well as affected companies/third parties |
Example
{
"offset": 987,
"limit": 987,
"totalCount": 987,
"pageLength": 987,
"emergingVulnerabilitySummaries": [
EmergingVulnerabilitySummary
]
}
EscalatedFindingCount
Description
Escalated finding types and counts returned from the caseStatistics query as part of the CaseStatistics type.
Fields
| Field Name | Description |
|---|---|
findingCode - Int!
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
findingSummary - String!
|
|
findingAbbreviation - String
|
Short mnemonic intended for critical findings only. Will be null, a lot. |
findingSeverity - RiskLevel!
|
|
zeroTolerance - Boolean
|
|
count - Int
|
Number of escalated findings |
Example
{
"findingCode": 987,
"findingSummary": "xyz789",
"findingAbbreviation": "abc123",
"findingSeverity": "low",
"zeroTolerance": true,
"count": 123
}
EscalationPath
Description
Where the ROC will send escalations
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"directTo3rdParty"
ExposureData
Description
Fourth-party data breaches that may affect the company
Example
{
"domain": "xyz789",
"breachDate": "xyz789",
"breachName": "xyz789",
"description": "xyz789",
"numberOfCompanyAccountsExposed": 987
}
ExposureDataWithCompany
Description
A fourth party exposure datum paired with the company it's about
Fields
| Field Name | Description |
|---|---|
exposureData - ExposureData!
|
|
company - Company!
|
Example
{
"exposureData": ExposureData,
"company": Company
}
ExposureDataWithCompanyInfo
Fields
| Field Name | Description |
|---|---|
totalCount - Int64!
|
Total amount of exposures by company. |
pageLength - Int!
|
Count of exposures with applied offset and limit filter. |
exposures - [ExposureDataWithCompany!]
|
list of fourth party exposures by company. |
Example
{
"totalCount": 123,
"pageLength": 123,
"exposures": [ExposureDataWithCompany]
}
ExposureSort
Description
Fields available for sorting fourth party exposure items
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"breachDate"
FilterAllowedAction
Description
Allowed actions that can be used in certain filters. These match the allowed actions used in UserResourcePermission. Allowed actions in a filter can only narrow the normal access allowed by the operation, not broaden it, and would be useful if the user has a mixed set of permissions, such as the manager role and 'manage' (or 'default') access to one porfolio, but 'view' access on all other portfolios. Using 'manage' in the filter for companyInfo will restrict the results to those companies that the user is allowed to manage, as opposed to the normal set of companyInfo results, which are all the companies the user can view.
Values
| Enum Value | Description |
|---|---|
|
|
Limits results to those that the user can view, based on the user's highest role (viewer or higher) and resource permissions (view or higher). |
|
|
Limits results to those that the user can update, based on the user's highest role (analyst or higher) and resource permissions (update or higher). |
|
|
Limits results to those that the user can manage, based on the user's highest role (manager or higher) and resource permissions (manage or higher). |
Example
"view"
Finding
Description
A single security finding observed against a monitored company - an issue, vulnerability, misconfiguration, or other risk indicator that contributes to the company's overall risk score. Findings have a status (open/closed), a risk level (low/medium/high/critical), an escalation lifecycle (whether they have been escalated to the third party), and a findingCode that identifies the kind of issue (see the dictionary query).
Synonyms: issue, vulnerability, alert, risk, observation, problem. Note that "remediation status" maps to the combination of statuses and escalationStatuses (see FindingFilter and the example questions on the findings_in_remediation capability). Part of the FindingInfo type, returned by the findingInfo query.
Fields
| Field Name | Description |
|---|---|
findingCode - Int
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type.
|
findingHash - String
|
An ID of int64 type that is unique for a BV ID, variant, and finding code |
detailInfo - DetailInfo
|
Details (observations) associated with finding |
Arguments
|
|
category - RiskCategory
|
A risk category for a finding |
findingEscalationStatus - FindingEscalationStatus
|
The escalation status of the finding with respect to the client |
findingStatus - FindingStatus
|
A finding is
|
inReviewTS - Time
|
|
escalatedToClientTS - Time
|
|
escalatedToVendorTS - Time
|
|
firstOverdueTS - Time
|
|
firstInDisputeTS - Time
|
|
firstPendingTS - Time
|
|
firstResolvedTS - Time
|
|
numberOfDetails - Int
|
|
numberDomainsAffected - Int
|
|
numberIpsAffected - Int
|
|
assetsAffected - Int
|
|
riskLevel - RiskLevel
|
A bucketing of the risk level |
scoreImpact - Float
|
The impact of a finding on the overall company risk score |
analyst_comment - String
|
|
summary - String
|
A summary of the finding |
description - String
|
A long description of the finding |
actionSummary - String
|
A summary of the recommended action that should be taken to close the finding |
recommendation - String
|
The recommended action that should be taken to close the finding |
zeroTolerance - Boolean
|
Zero-tolerance findings are finding types that are often involved in ransomware incidents, or that can indicate a possible ongoing malware infection or a serious zero-day alert |
findingLastUpdated - String
|
|
findingTimeCreated - String
|
|
cases - [Case!]
|
ServiceNOW cases associated with this finding |
messages - [Message!]
|
Up to n messages between ROC and clients, in time order (most recent first) |
Arguments
|
|
thirdPartyMessageInfo - FindingMessageInfo
|
Messages between ROC and third party, in time order (most recent first). The limits and offset are applied per finding. This field is restricted to Monitored_Company (third-party) users with a third_party* role. |
evidence - RawJSON
|
Evidence added by our Risk Operations Center |
recentActivity - [History!]
|
Events or changes associated with this finding hash, in time order (most recent first) |
Arguments
|
|
cpeCVE - [CPECVE!]
|
CPE and CVEs known to relate to this finding |
domains - [DomainInfo!]
|
Registration information about domains in this finding |
ips - [IPInfo!]
|
Registration information about IP addresses/ranges in this finding |
portfolioName - String
|
|
portfolioUuid - UUID
|
|
isEscalated - Boolean
|
Finding is escalated for this client |
isEscalatedAnyClient - Boolean
|
Finding is escalated for any client. This field is restricted to Monitored_Company (third-party) users with a third_party* role. |
lastObserved - String
|
Most recent timestamp at which this finding was observed. NOTE: there is no first-observed timestamp directly on Finding, so for "how long has this finding been open" use daysSinceFirstEscalated (which reflects the active case's escalation lifecycle, not the finding's first observation). Filter via FindingFilter.minLastObservedTS / maxLastObservedTS. Synonyms: last seen, most recent observation, latest sighting. |
firstEscalatedTS - String
|
First escalated timestamp on the finding's active case, if there is one |
lastEscalatedTS - String
|
Last escalated timestamp on the finding's active case, if there is one |
automatedFollowUpCount - Int
|
Number of automated follow-ups on the finding's active case, if there is one |
emailsSent - Int
|
Number of follow-up emails sent on the finding's active case, if there is one |
daysSinceFirstEscalated - Int
|
Number of days since the finding's active case, if there is one, was first escalated. This is the closest available proxy for "how long has this finding been open / outstanding / unresolved" - escalation begins when a case is opened on the finding, so a high value indicates the issue has been outstanding for a long time. Use FindingFilter.minFirstEscalatedTS / maxFirstEscalatedTS to filter by absolute escalation date. Synonyms: days open, age of finding, time outstanding, days outstanding. |
waitingFor - WaitingFor!
|
If set, progress on the finding is blocked on this party |
thirdPartyDisposition - ThirdPartyDisposition
|
The disposition set by the third party for dealing with the finding |
thirdPartyEscalationDueDate - Time
|
The date set by the third party for dealing with the finding |
thirdPartyEscalationComment - String
|
A comment set by the third party about the finding |
thirdPartyEscalationStatus - FindingEscalationStatus
|
The escalation status of the finding from the perspective of the third party. This field is restricted to Monitored_Company (third-party) users with a third_party* role. |
company - Company!
|
|
Example
{
"findingCode": 987,
"findingHash": 9039052908188215000,
"detailInfo": DetailInfo,
"category": "AdversarialThreats",
"findingEscalationStatus": "Pending",
"findingStatus": "open",
"inReviewTS": "-",
"escalatedToClientTS": "-",
"escalatedToVendorTS": "-",
"firstOverdueTS": "-",
"firstInDisputeTS": "-",
"firstPendingTS": "-",
"firstResolvedTS": "-",
"numberOfDetails": 987,
"numberDomainsAffected": 123,
"numberIpsAffected": 123,
"assetsAffected": 123,
"riskLevel": "low",
"scoreImpact": 987.65,
"analyst_comment": "xyz789",
"summary": "abc123",
"description": "xyz789",
"actionSummary": "abc123",
"recommendation": "xyz789",
"zeroTolerance": false,
"findingLastUpdated": "xyz789",
"findingTimeCreated": "abc123",
"cases": [Case],
"messages": [
{
"source": "BlueVoyant Risk Service<[email protected]>",
"message": "Some message in **markdown** here",
"timestamp": "2023-11-27T15:28:10.642546+00:00"
}
],
"thirdPartyMessageInfo": FindingMessageInfo,
"evidence": ["a", "b", "c"],
"recentActivity": [History],
"cpeCVE": [CPECVE],
"domains": [DomainInfo],
"ips": [IPInfo],
"portfolioName": "abc123",
"portfolioUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"isEscalated": true,
"isEscalatedAnyClient": false,
"lastObserved": "xyz789",
"firstEscalatedTS": "2022-11-30T21:15:13Z",
"lastEscalatedTS": "2022-12-01T19:10:10Z",
"automatedFollowUpCount": 123,
"emailsSent": 123,
"daysSinceFirstEscalated": 123,
"waitingFor": "BlueVoyant",
"thirdPartyDisposition": "NotAPriority",
"thirdPartyEscalationDueDate": "2024-02-06T00:00:00Z",
"thirdPartyEscalationComment": "xyz789",
"thirdPartyEscalationStatus": "Pending",
"company": Company
}
FindingEscalationStatus
Description
The current state of ROC interaction with the finding
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"Pending"
FindingEscalationUpdateThirdParty
Description
Input to allow a third party to update the disposition of an escalated finding
Fields
| Input Field | Description |
|---|---|
findingHash - String!
|
An ID of int64 type that is unique for a BV ID, variant, and finding code |
disposition - ThirdPartyDisposition
|
How/whether the third party/monitored company is dealing with the finding |
escalationDueDate - Time
|
Date by which the third party plans to deal with the finding (thirdPartyEscalationDueDate field in findings) |
escalationComment - String
|
Comment from the third party about the finding (thirdPartyEscalationComment field in findings) |
Example
{
"findingHash": 9039052908188215000,
"disposition": "NotAPriority",
"escalationDueDate": "2024-02-06",
"escalationComment": "abc123"
}
FindingFilter
Description
Filters for findings (issues / vulnerabilities / alerts) within a findingInfo or related query. Common filter combinations:
- Open findings for >N days: combine
statuses: [open]withmaxFirstEscalatedTSset to (now - N days). There is no first-observed timestamp on findings, so escalation-time is the closest proxy for finding age. See alsoFinding.daysSinceFirstEscalated. - Findings in remediation: combine
statuses: [open]withescalationStatuses(the lifecycle stages: in review, escalated, remediated, overdue). See also thefindings_in_remediationcapability for an example of running 4 parallel queries to break out each remediation stage. - Critical findings:
riskLevels: [critical]. - Findings of a specific type:
findingCodes: [...]- see the dictionary query for the catalog of finding codes.
Notes:
- Use null for no restriction. Where a field is specified, only select rows with a value matching one of those in the set; only return rows for which all per-field constraints are met.
- This filter doesn't include things that just filter companies (use CompanyFilter for those).
Fields
| Input Field | Description |
|---|---|
findingCodes - [Int!]
|
Finding code is an integer that represents the specific type of a finding (e.g. "expired certificate", "open SMB port"). See the dictionary query and the DataDictionary type. Default = null |
findingHashes - [String!]
|
An ID of int64 type that is unique for a BV ID, variant, and finding code. Default = null |
riskLevels - [RiskLevel!]
|
Severity buckets to filter findings by. Each finding has a single risk level: low, medium, high, or critical. Synonyms: severity, criticality, importance. Default = null |
riskCategories - [RiskCategory!]
|
Risk category buckets to filter findings by. Synonyms: category, kind of risk, type. Default = null |
statuses - [FindingStatus!]
|
Open/closed lifecycle status of findings. Use [open] for unresolved, currently-active findings. Synonyms: state, open or closed, currently active. Default = null |
escalationStatuses - [FindingEscalationStatus!]
|
Escalation lifecycle status from the client's perspective. Common values map to the remediation pipeline: in review, escalated, remediated, overdue. Use this together with statuses to scope queries about findings in remediation. Synonyms: remediation status, workflow stage, lifecycle. Default = null |
thirdPartyDispositions - [ThirdPartyDisposition!]
|
The disposition set by the third party for dealing with the finding. Default = null |
thirdPartyEscalationStatuses - [FindingEscalationStatus!]
|
The escalation status of the finding from the perspective of the third party. This field is restricted to Monitored_Company (third-party) users with a third_party* role. Default = null |
waitingFors - [WaitingFor!]
|
|
isEscalated - Boolean
|
Whether the finding has been escalated for the client. Default = null |
isEscalatedAnyClient - Boolean
|
Whether the finding has been escalated for any client. This field is restricted to Monitored_Company (third-party) users with a third_party* role. Default = null |
zeroTolerance - Boolean
|
|
sortBy - [FindingSortBy]
|
|
minLastObservedTS - String
|
|
maxLastObservedTS - String
|
|
minFirstEscalatedTS - Time
|
Filter to findings with an active case that was first escalated on or after timestamp. Default = null |
maxFirstEscalatedTS - Time
|
Filter to findings with an active case that was first escalated before or on timestamp. Default = null |
Example
{
"findingCodes": [123],
"findingHashes": ["-5528334538427616940"],
"riskLevels": ["low"],
"riskCategories": ["AdversarialThreats"],
"statuses": ["open"],
"escalationStatuses": ["Pending"],
"thirdPartyDispositions": ["NotAPriority"],
"thirdPartyEscalationStatuses": ["Pending"],
"waitingFors": ["BlueVoyant"],
"isEscalated": false,
"isEscalatedAnyClient": true,
"zeroTolerance": false,
"sortBy": [FindingSortBy],
"minLastObservedTS": "2024-04-06T20:24:21Z",
"maxLastObservedTS": "2024-05-06T00:00:00Z",
"minFirstEscalatedTS": "2024-04-06T20:24:21Z",
"maxFirstEscalatedTS": "2024-05-06T00:00:00Z"
}
FindingInfo
Description
This is the holder for findings, from a findingInfo query, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int!
|
Count of findings matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of findings returned |
findings - [Finding!]
|
Example
{
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"findings": [Finding]
}
FindingMessage
Description
A finding message is a message from a client about a finding
Example
{
"findingHash": 9039052908188215000,
"message": "xyz789"
}
FindingMessageData
Description
This is a single message in the messages array of the FindingMessageInfo type
Example
{
"messageSource": "BlueVoyant Risk Service<[email protected]>",
"message": "Some message in **markdown** here",
"timestamp": "2025-01-14T19:53:12Z"
}
FindingMessageInfo
Description
This is the holder for messages about a finding, with pagination and counts, returned by the thirdPartyMessageInfo part of the Finding type that is returned from the findingInfo query.
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters. Applied per finding |
limit - Int
|
Offset and limit echo back the parameters. Applied per finding |
totalCount - Int64!
|
Total count of messages |
pageLength - Int!
|
Number of messages returned |
messages - [FindingMessageData!]
|
Messages returned |
Example
{
"offset": 123,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"messages": [FindingMessageData]
}
FindingSortBy
Fields
| Input Field | Description |
|---|---|
field - FindingSorts!
|
Field by which to sort findings |
direction - SortDirection
|
Direction in which to sort findings (asc/desc). Default = asc |
Example
{"field": "scoreImpact", "direction": "asc"}
FindingSorts
Description
Fields available to sort findings by; default: scoreImpact
Values
| Enum Value | Description |
|---|---|
|
|
The impact of a finding on the overall company risk score. Default sort field |
|
|
Deprecated. Same as scoreImpact Use 'scoreImpact' |
|
|
Primary name of the company |
|
|
|
|
|
The start of the scoring assessment period. |
|
|
|
|
|
A summary of the recommended action that should be taken to close the finding |
|
|
An ID of int64 type that is unique for a BV ID, variant, and finding code |
|
|
The escalation status of the finding with respect to the client (the findingEscalationStatus field) |
|
|
The escalation status of the finding from the perspective of the third party |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
First escalated timestamp on the finding's active case, if there is one |
|
|
Last escalated timestamp on the finding's active case, if there is one |
|
|
Last observed timestamp on the finding |
|
|
Number of automated follow-ups on the finding's active case, if there is one |
|
|
Number of follow-up emails sent on the finding's active case, if there is one |
|
|
Number of days since the finding's active case, if there is one, was first escalated |
|
|
|
|
|
Domains affected + IPs affected. |
|
|
|
|
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
Example
"scoreImpact"
FindingStatus
Description
Closed findings are stored but do not affect score
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"open"
FirmographicData
Description
The firmographic data for a company
Fields
| Field Name | Description |
|---|---|
employeeRange - String
|
|
revenueRange - String
|
|
naicsCode - String
|
|
naicsDescription - String
|
|
sicCode - String
|
|
sicDescription - String
|
|
companyDescription - String
|
|
website - String
|
|
city - String
|
|
state - String
|
|
country - String
|
|
industryCode - String
|
|
industryDescription - String
|
The company's industry description |
Example
{
"employeeRange": "xyz789",
"revenueRange": "abc123",
"naicsCode": "abc123",
"naicsDescription": "abc123",
"sicCode": "xyz789",
"sicDescription": "xyz789",
"companyDescription": "abc123",
"website": "abc123",
"city": "xyz789",
"state": "xyz789",
"country": "xyz789",
"industryCode": "abc123",
"industryDescription": "abc123"
}
Float
Description
The Float scalar type represents signed double-precision fractional values as specified by IEEE 754.
Example
987.65
FootprintSummary
Description
Summary statistics for a company's public-facing internet footprint - the aggregate of its IP-based and domain-based assets and their geographic distribution. Use this for quick "how many assets does this company have", "in how many countries does this company operate", or "show me the country distribution of company X's infrastructure" questions. Part of the Company type. See also DomainInfo and IPInfo for asset-level detail.
Synonyms: asset summary, infrastructure overview, geographic distribution, network footprint, surface area, surface area, attack surface, ips and domains.
Fields
| Field Name | Description |
|---|---|
totalIpCount - Int64
|
Total number of unique IP-based assets (IP addresses) in this company's footprint. Synonyms: asset count, total assets, infrastructure size. |
totalIpRangeCount - Int
|
Total number of IP ranges/CIDRs in this company's footprint. Synonyms: range count, CIDR count. |
totalDomainCount - Int
|
Total number of domain-based assets in this company's footprint. Synonyms: domain count, web asset count. |
totalCountryCount - Int
|
Number of distinct countries in which this company has any IP-based assets - i.e. the geographic spread of its infrastructure. Synonyms: country count, geographic spread, number of countries. |
countryCodes - [String!]
|
The set of countries (as two-letter ISO 3166-1 alpha-2 codes) in which this company has IP-based assets. Use this to answer "where does this company have infrastructure", "in which countries are this company's assets located". Synonyms: geography, where, location, regions. |
countryIpCounts - [CountryIPCount!]
|
Per-country breakdown of IP-based assets in this company's footprint. Use this for visualizations of asset distribution by geography ("show me where this company's assets are", "country breakdown of infrastructure"). Synonyms: asset map, geographic distribution, by country. |
finalizedTS - Time
|
The date this footprint version was completed and sent for scoring for the first time |
Example
{
"totalIpCount": 123,
"totalIpRangeCount": 123,
"totalDomainCount": 123,
"totalCountryCount": 123,
"countryCodes": ["GB", "US"],
"countryIpCounts": [CountryIPCount],
"finalizedTS": "2024-02-06T20:24:21Z"
}
FourthPartyExposureInsights
Description
A collection of fourth party exposure organized by finding code. Includes finding code's description, summary, and assessment date.
Fields
| Field Name | Description |
|---|---|
summary - String
|
A brief summary of the finding code |
description - String
|
A description of what the finding code is. |
assessmentDateEnd - String
|
The most recent assessment date |
findingCode - Int64
|
The finding code of these vendor discoveries. |
exposureData - [ExposureData]
|
List of exposures of a specific finding code |
Example
{
"summary": "abc123",
"description": "abc123",
"assessmentDateEnd": "xyz789",
"findingCode": 123,
"exposureData": [ExposureData]
}
FourthPartyExposureSortBy
Description
Specify sort field and direction when selecting fourthPartyExposure objects
Fields
| Input Field | Description |
|---|---|
field - ExposureSort!
|
|
direction - SortDirection
|
Example
{"field": "breachDate", "direction": "asc"}
Function
Description
TPRM portal/API functions that users can have, and that are used to manage TPRM API access and portal functionality. Functions correspond to categories of API endpoints and GraphQL operations, and flow from the particular RolePolicyPermissions in a user's role(s). 'admin' will appear if the user has either temporary admin privileges from the adminOn mutation or permanent privileges from a role.
Fields
| Field Name | Description |
|---|---|
name - String!
|
Function name |
permissionSources - [String!]!
|
Permission sources (TPRM client UUID or CDP realm ID) |
Example
{
"name": "xyz789",
"permissionSources": ["xyz789"]
}
GDD
Description
GDD Data are no longer available as of 2024-02-01
Fields
| Field Name | Description |
|---|---|
familyVersion - [GDDFamilyVersion!]
|
GDD Data are no longer available as of 2024-02-01. |
observations - [GDDObservations!]
|
GDD Data are no longer available as of 2024-02-01. |
ips - [GDDIps!]
|
List IPs as dotted quad strings if you want to limit to only matching IPs. Returns all IPs that have at least one observation in the specified time window GDD Data are no longer available as of 2024-02-01. |
Arguments
|
|
Example
{
"familyVersion": [GDDFamilyVersion],
"observations": [GDDObservations],
"ips": [GDDIps]
}
GDDFamilyVersion
Description
GDD Data are no longer available as of 2024-02-01
Example
{
"cpeType": "os_desktop",
"isUnsupported": true,
"observationTimestampFirst": "abc123",
"observationTimestampLast": "abc123",
"cpeFamily": "windows",
"cpeVersion": "abc123",
"observationTimesSeen": 123,
"uniqueIps": 987
}
GDDIps
Description
GDD Data are no longer available as of 2024-02-01
Example
{
"cpeType": "os_desktop",
"isUnsupported": true,
"observationTimestampFirst": "abc123",
"observationTimestampLast": "xyz789",
"clientIp": "abc123",
"observationTimesSeen": 123
}
GDDObservations
Description
GDD Data are no longer available as of 2024-02-01
Example
{
"cpeType": "os_desktop",
"isUnsupported": true,
"observationDate": "xyz789",
"observationTimestampFirst": "xyz789",
"observationTimestampLast": "xyz789",
"numberOfDetails": 123
}
GlobalClientConfiguration
Description
Information about a TPRM client
Fields
| Field Name | Description |
|---|---|
clientName - String!
|
The name of the client |
clientUuid - UUID!
|
The UUID of the client |
realmId - String
|
The client's CDP realm |
salesforceId - String
|
The client's Salesforce ID |
snowSysId - UUID
|
The client's ServiceNow Sys ID |
isArchived - Boolean!
|
Whether the client is archived in TPRM (so has no TPRM services) |
desks - [Desk!]
|
The desks the client is in |
serviceSetups - [ServiceSetup!]
|
Information on the services, associated quotas, and current usage a client has. Companies that remained in a service for less than 24 hours are not counted against quotas, churn rate or maximum additions limits. |
licenseQuantity - [LicenseQuantity]!
|
Information on the number of licenses of each type a client has. It only returns active licenses. |
Example
{
"clientName": "xyz789",
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"realmId": "xyz789",
"salesforceId": "xyz789",
"snowSysId": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"isArchived": false,
"desks": [Desk],
"serviceSetups": [ServiceSetup],
"licenseQuantity": [LicenseQuantity]
}
GlobalClientConfigurationFilter
Description
Filters for the globalClientConfigurationInfo query
Fields
| Input Field | Description |
|---|---|
clientNamesWildcard - [String!]
|
Filter by the name of the TPRM client with wildcard matching |
clientUuids - [UUID!]
|
Filter by the UUID of the TPRM client |
realmIds - [String!]
|
Filter by the client's CDP realm |
salesforceIds - [String!]
|
Filter by Salesforce IDs |
snowSysIds - [UUID!]
|
FIlter by ServiceNow Sys IDs |
Example
{
"clientNamesWildcard": ["abc123"],
"clientUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"realmIds": ["xyz789"],
"salesforceIds": ["xyz789"],
"snowSysIds": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
]
}
GlobalClientConfigurationInfo
Description
Wrapper for TPRM client configurations for the globalClientConfigurationInfo query
Fields
| Field Name | Description |
|---|---|
totalCount - Int64!
|
Count of client configuration items regardless of whether they fit within limit |
pageLength - Int!
|
Count of client configuration items that were returned to user |
clientConfigurations - [GlobalClientConfiguration!]
|
The client configuration items |
Example
{
"totalCount": 123,
"pageLength": 987,
"clientConfigurations": [GlobalClientConfiguration]
}
GlobalClientConfigurationSortBy
Description
Sort TPRM clients in the GlobalClientConfiguration type
Fields
| Input Field | Description |
|---|---|
field - GlobalClientConfigurationSorts!
|
Field by which to sort TPRM clients |
direction - SortDirection
|
Direction in which to sort TPRM clients (asc/desc). Default = asc |
Example
{"field": "clientName", "direction": "asc"}
GlobalClientConfigurationSorts
Description
Fields available in the GlobalClientConfigurationSortBy type by which to sort TPRM clients; default: clientName/asc
Values
| Enum Value | Description |
|---|---|
|
|
The client's name |
|
|
The client's ID in UUID format |
|
|
The client's CDP realm ID |
|
|
The client's ServiceNow Sys ID |
|
|
The client's Salesforce ID |
Example
"clientName"
GlobalClientResponse
Description
Response to a mutation on GlobalClient
Fields
| Field Name | Description |
|---|---|
code - Int!
|
HTTP response code |
message - String!
|
Error or success message |
success - Boolean!
|
Whether the mutation was successful |
client - GlobalClientConfiguration
|
TPRM client that was created or updated |
Example
{
"code": 123,
"message": "abc123",
"success": true,
"client": GlobalClientConfiguration
}
GlobalClientToAdd
Description
The input to the globalClientCreate mutation
Fields
| Input Field | Description |
|---|---|
clientName - String!
|
The name for this TPRM client |
realmId - String
|
The CDP realm |
salesforceId - String
|
The Salesforce ID for this TPRM client |
snowSysId - UUID
|
The ServiceNow Sys ID for this TPRM client |
desks - [DeskLookup!]
|
Desk(s) the client should be in; will default to 'US' |
Example
{
"clientName": "xyz789",
"realmId": "xyz789",
"salesforceId": "abc123",
"snowSysId": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"desks": [DeskLookup]
}
GlobalClientToUpdate
Description
The input to the globalClientUpdate mutation
Fields
| Input Field | Description |
|---|---|
clientUuid - UUID!
|
The UUID of the TPRM client to be changed |
desksToAdd - [DeskLookup!]
|
Desk(s) to add client the client to |
desksToDelete - [DeskLookup!]
|
Desk(s) to remove the client from |
replaceAllDesksFlag - Boolean
|
If specified, replace all the client's desks with those in desksToAdd |
Example
{
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"desksToAdd": [DeskLookup],
"desksToDelete": [DeskLookup],
"replaceAllDesksFlag": false
}
GlobalUserInfo
Description
This is the holder for users across clients, with pagination and counts. Returned by the globalUserInfo query
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int64!
|
Count of users matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of users returned |
users - [UserClients!]
|
CDP or TPRM portal/API users |
Example
{
"offset": 123,
"limit": 123,
"totalCount": 123,
"pageLength": 123,
"users": [UserClients]
}
Group
Description
TPRM portal/API groups that users can belong to, and that are used to manage TPRM API access and portal functionality.
Fields
| Field Name | Description |
|---|---|
uuid - UUID!
|
Group ID in UUID format |
name - String!
|
Group name |
description - String
|
Description of group |
assignableFlag - Boolean!
|
Whether group is assignable to users by client |
createdTS - String!
|
Timestamp when created |
updatedTS - String!
|
Timestamp when last updated |
createdBy - String!
|
Username that created this item |
updatedBy - String!
|
Username that last updated this item |
Example
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"name": "abc123",
"description": "xyz789",
"assignableFlag": true,
"createdTS": "xyz789",
"updatedTS": "abc123",
"createdBy": "abc123",
"updatedBy": "abc123"
}
GroupFilter
Fields
| Input Field | Description |
|---|---|
uuids - [UUID!]
|
Filter groups by one or more IDs in UUID format. Default = null |
names - [String!]
|
Filter groups by one or more names (wildcard matching). Default = null |
descriptions - [String!]
|
Filter groups by one or more descriptions (wildcard matching). Default = null |
assignableFlag - Boolean
|
Filter policy permissions by assignable flag (whether client can assign group to users). Default = null |
sortBy - [GroupSortBy]
|
Sort returned groups by specified fields and directions |
Example
{
"uuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"names": ["xyz789"],
"descriptions": ["abc123"],
"assignableFlag": true,
"sortBy": [GroupSortBy]
}
GroupInfo
Description
This is the holder for Okta groups, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int!
|
Count of groups matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of groups returned |
groups - [Group!]
|
TPRM portal/API Okta groups |
Example
{
"offset": 123,
"limit": 987,
"totalCount": 987,
"pageLength": 987,
"groups": [Group]
}
GroupSortBy
Fields
| Input Field | Description |
|---|---|
field - GroupSorts!
|
Field by which to sort groups |
direction - SortDirection
|
Direction in which to sort groups (asc/desc). Default = asc |
Example
{"field": "uuid", "direction": "asc"}
GroupSorts
Description
Fields available by which to sort groups; default: uuid/asc
Values
| Enum Value | Description |
|---|---|
|
|
Group ID in UUID format |
|
|
Name of group |
|
|
Description of group |
|
|
Whether client can assign group to users |
Example
"uuid"
HistoricScore
Description
For now, this is only overall score (finding code 0) for a company on a particular date.
Fields
| Field Name | Description |
|---|---|
scoreDate - String!
|
Score is calculated based on data collected through the end of this date. Date is in 'YYYY-MM-DD' format |
findingCode - Int!
|
Finding code is an integer that represents the specific type of a finding. Finding code 0 indicates the overall company score. See the dictionary query and the DataDictionary type. |
score - Float
|
|
findingStatusCode - Int
|
A finding status code of 4 indicates low data/visibility; other codes indicate a valid score |
Example
{
"scoreDate": "2023-01-31",
"findingCode": 0,
"score": 94.72794,
"findingStatusCode": 0
}
History
Description
An event or change associated with a finding, returned from the recentActivity part of the Finding type, from the findingInfo query.
Fields
| Field Name | Description |
|---|---|
id - String
|
A unique ID for the event in UUID format |
message - String
|
A short description of the change |
timestamp - String
|
When the event occurred |
description - String
|
A description of the change |
updateType - String
|
The type of event or change, or the field that changed: 'analyst_comment', 'action_summary', 'Action Summary' (deprecated), 'finding_description', 'finding_status_code' (deprecated), 'resolution', 'Escalation Status' (deprecated in favor of 'resolution'). Deprecated values may still be found in older history items. |
updateValue - String
|
The new value after the change |
Example
{
"id": "b605fdf7-dbce-4b42-bdbf-9c052f0a2a71",
"message": "xyz789",
"timestamp": "2022-07-06T20:23:47.942826Z",
"description": "abc123",
"updateType": "abc123",
"updateValue": "abc123"
}
HostingProvider
Description
The providers used by a company to host its domains and subdomains
Fields
| Field Name | Description |
|---|---|
hostingProvider - String!
|
|
assetPercentage - Float!
|
The number of hostnames that have been observed to be hosted within a given hosting provider relative to the total number of hostnames associated with the entity. |
hostnameCount - Int!
|
The number of distinct DNS qnames |
resolutionPercentage - Float!
|
The number of observations that were resolved by a given hosting provider (identified by IP address) relative to the total number of resolved observations for all hosting providers associated with the entity. |
Example
{
"hostingProvider": "abc123",
"assetPercentage": 123.45,
"hostnameCount": 123,
"resolutionPercentage": 123.45
}
HostingProviderInfo
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int64!
|
Count of providers matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of providers returned |
hostingProviders - [HostingProvider!]
|
Example
{
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 987,
"hostingProviders": [HostingProvider]
}
HostingProviderSortBy
Fields
| Input Field | Description |
|---|---|
field - HostingProviderSorts!
|
|
direction - SortDirection
|
Example
{"field": "hostingProvider", "direction": "asc"}
HostingProviderSorts
Description
Fields available by which to sort hosting providers; default: hostingProvider/asc
Values
| Enum Value | Description |
|---|---|
|
|
Default, case-insensitive sort |
|
|
|
|
|
|
|
|
Example
"hostingProvider"
ID
Description
The ID scalar type represents a unique identifier, often used to refetch an object or as key for a cache. The ID type appears in a JSON response as a String; however, it is not intended to be human-readable. When expected as an input type, any string (such as "4") or integer (such as 4) input value will be accepted as an ID.
Example
4
IPFilter
Description
Filters for IP address/range info (a company's network assets) associated with a footprint. Use this when answering questions about a company's assets, infrastructure, or network presence in a specific geography. For example, "show me all assets in Ukraine" maps to ipInfo(filter: { countryCodes: ["UA"] }).
Synonyms (for selecting this filter): assets, infrastructure, network, IPs, IP addresses, CIDR ranges.
Fields
| Input Field | Description |
|---|---|
countryCodes - [String!]
|
Filter to IPs whose CURRENT geographic location is one of these country codes (ISO 3166-1 alpha-2, e.g. ["UA"], ["US","GB"]). This is the right filter for questions like "assets in Ukraine" or "infrastructure located in country X". Case-insensitive. |
netGeoCountries - [String!]
|
Filter to IPs whose CURRENT geographic location is one of these country names spelled out (e.g. ["Ukraine","United States"]). Equivalent to countryCodes but uses full country names instead of two-letter codes. Case-insensitive. |
ips - [String!]
|
Filter by exact IP addresses (IPv4 only). |
Example
{
"countryCodes": ["xyz789"],
"netGeoCountries": ["abc123"],
"ips": ["xyz789"]
}
IPInfo
Description
Registration and other information about an IP-based asset (an IP address or CIDR range) belonging to a company's public internet footprint. Each IPInfo record represents one network asset and carries both registration metadata (who registered it, in what country) and current geolocation data (where the IP physically resolves today, as a country code).
Synonyms: asset, network asset, infrastructure, IP, IP address, CIDR, range. To filter IPInfo records by geography use IPFilter.countryCodes (current location) or IPFilter.netGeoCountries (current location, full country name).
Fields
| Field Name | Description |
|---|---|
ipRange - String!
|
IP range as a string, either "start - end" or "start" if a /32 |
address - String
|
Registration street address - the location of the organization that registered the IP address |
certificates - [String]
|
|
cidr - String
|
|
city - String
|
Registration city - the location of the organization that registered the IP address |
cloudProviderInfo - [CloudProviderInfo!]
|
|
country - String
|
Registration country (full name) - the country in which the organization that registered the IP address is based. NOT the current geographic location of the IP itself - for that see countryCode and netGeoCountry. Synonyms: registrant country, owner country. |
countryCode - String
|
The current geographic location of the IP address, as a two-letter ISO 3166-1 alpha-2 country code (e.g. "UA" for Ukraine, "US" for the United States). This is what to filter on when answering "where is this asset" or "what assets does the company have in [country X]". Synonyms: country, where, location, geography, region. |
emails - [String]
|
Registration emails |
ipEnd - String
|
Last IP address of range |
ipStart - String
|
First IP address of range |
latitude - Float
|
|
longitude - Float
|
|
netGeoCountry - String
|
The current geographic location of the IP address, as a full country name (e.g. "Ukraine", "United States"). Equivalent in meaning to countryCode but spelled out. Synonyms: geography, location, where, region. |
netName - String
|
Name given to the network (IP range) when it is registered |
registrar - String
|
|
registrantName - String
|
|
registrantOrganization - String
|
Organization that registered the IP address or range |
state - String
|
Registration state - the location of the organization that registered the IP address |
subdomains - [Subdomain!]
|
|
tags - [TagInfo!]
|
|
adminOrganization - String
|
|
attributionSummary - String
|
Short explanation of how this IP or CIDR was attributed to the company. |
ipCount - Int64!
|
The number of IP addresses in the IP range/CIDR |
Example
{
"ipRange": "abc123",
"address": "xyz789",
"certificates": ["abc123"],
"cidr": "xyz789",
"city": "abc123",
"cloudProviderInfo": [CloudProviderInfo],
"country": "xyz789",
"countryCode": "abc123",
"emails": ["abc123"],
"ipEnd": "abc123",
"ipStart": "xyz789",
"latitude": 123.45,
"longitude": 123.45,
"netGeoCountry": "abc123",
"netName": "abc123",
"registrar": "xyz789",
"registrantName": "abc123",
"registrantOrganization": "abc123",
"state": "abc123",
"subdomains": [Subdomain],
"tags": [TagInfo],
"adminOrganization": "xyz789",
"attributionSummary": "xyz789",
"ipCount": 123
}
IPListInfo
Description
Paginated list of a company's IP-based assets (IP addresses and CIDR ranges) in its public-facing internet footprint. Returned by companyInfo.ipInfo and supports filtering by country, country code, and IP. Use this to answer questions about a company's assets, infrastructure, network presence, or where its IPs are located geographically. The holder for IP addresses or ranges with pagination and counts.
Synonyms: assets, infrastructure, network assets, IPs, IP addresses, CIDR ranges, network footprint.
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int64!
|
Count of IP address/range records matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of IP address/range records returned |
ips - [IPInfo!]
|
IP address/range records (network assets) in the company's footprint, including their geographic country, registration info, hosting provider, and CIDR. |
Example
{
"offset": 123,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"ips": [IPInfo]
}
IPSortBy
Fields
| Input Field | Description |
|---|---|
field - IPSorts!
|
|
direction - SortDirection
|
Example
{"field": "ipInt", "direction": "asc"}
IPSorts
Description
Fields used to sort IP addresses or range records
Values
| Enum Value | Description |
|---|---|
|
|
Sort results in numeric (integer order by starting IP) order (default sort) |
|
|
Name given to the network (IP range) when it is registered |
|
|
Organization that registered the IP address or range |
|
|
Registration street address - the location of the organization that registered the IP address |
|
|
Registration state - the location of the organization that registered the IP address |
|
|
Registration country - the location of the organization that registered the IP address |
|
|
The current geographical location of the IP address |
|
|
The current geographical location of the IP address, as a two-letter (ISO 3166-1 alpha-2) country code |
|
|
The number of IP addresses in the IP range/CIDR |
Example
"ipInt"
ISODuration
Description
Duration in ISO 8601 format - PT[n]H[n]M[n]S
Example
"PT25H10M02S"
InsightsInfo
Fields
| Field Name | Description |
|---|---|
fourthPartyExposure - ExposureDataWithCompanyInfo
|
Return data about "fourth party" exposure of credentials relating to companies in data breaches startDate and endDate are used to filter by breachDate, but these filters are optional. |
Arguments |
|
pdnsVendorDependency - PdnsVendorDependencyInfo
|
Returns records of pDNS of vendors that clients are dependent on. Start and end date are used to filter by last observed date. if the end date is before the start date it will be treated as absent - i.e results will be returned up to the present |
Arguments |
|
vendorDependency - VendorDependencyInfo
|
Returns records of vendors that clients are dependent on. No date filtering is applied. If the distinct object is not null that means the query will only return distinct values of the field you submit. If you don't submit one it will default to category. If you request any of the fields that are not the distinct field the query will return an empty string, a zero, or a null depending on the datatype of the field. |
Arguments
|
|
vendorDependencyLegacy - VendorDependencyLegacyInfo
|
Returns records of vendors that clients are dependent on. Uses the old vendor dependency v1 data. Use distinct flag to get distinct vendors only. Not available to public api. |
Arguments
|
|
categorySummarizedCount - CategorySummarizedCountInfo
|
Count of unique categories for a client/portfolios. No date filtering is applied. |
Arguments
|
|
vendorSummarizedCount - VendorSummarizedCountInfo
|
Count of unique vendors associated with each category for the client/portfolios. No date filtering is applied. |
Arguments
|
|
productSummarizedCount - ProductSummarizedCountInfo
|
Count of unique products associated with each vendor and category for the client/portfolios. No date filtering is applied. |
Arguments
|
|
companiesSummarizedCount - CompanySummarizedCountInfo
|
Get a list of all unique companies and their count for each product, category, and vendor. No date filtering is applied. |
Arguments
|
|
vendorDependencyCountsPerCategory - VendorDependencyCountsPerCategoryInfo
|
Per-category count of vendors, products, and companies (sorted by category), from vendor dependency insights. Can be additionally filtered by portfolios, attributes, and BV IDs from the top-level filter. No date filtering is applied. |
Arguments |
|
vendorDependencyCountsPerVendor - VendorDependencyCountsPerVendorInfo
|
Per-vendor count of products and companies (sorted by vendor), from vendor dependency insights. Can be additionally filtered by portfolios, attributes, and BV IDs from the top-level filter. No date filtering is applied. |
Arguments |
|
vendorDependencyCountsPerProduct - VendorDependencyCountsPerProductInfo
|
Per-product count of companies (sorted by product), from vendor dependency insights. Can be additionally filtered by portfolios, attributes, and BV IDs from the top-level filter. No date filtering is applied. |
Arguments |
|
emailSaasInsights - EmailSaasInsightsInfo
|
Returns email Saas insights detected on domains |
Arguments |
|
emailSaasDomainWithoutSecurity - EmailSaasInsightsInfo
|
Returns insights for when no email Saas solution was detected for domains |
Arguments |
|
bannerBusterInsights - BannerBusterInsightsInfo
|
Returns the banner buster insights (insights detected on IP addresses/ports) Start and end date are used to filter by last observed date. if the end date is before the start date it will be treated as absent - i.e results will be returned up to the present |
Arguments |
|
businessRisk - BusinessRiskInsightInfo
|
Return data about "business risk events" that are relevant to a particular client Date filtering is on the date field. Note the portfolio and attribute filtering semantics are still evolving. ** EXPERIMENTAL ** |
Arguments |
|
cveCatalog - CVECatalogRollupInfo
|
Return rolled up counts about how particular CVEs affect the client's portfolio of companies. This also mixes in generic info about cves that DON'T affect the client. The filters filter over both the cves that are present and the ones that are not. Date filtering is currently unimplemented ** EXPERIMENTAL ** |
Arguments |
|
cveCatalogGeneric - CVECatalogGenericInfo
|
Information about all CVEs across all clients. Date filtering is currently unimplemented |
Arguments |
|
Example
{
"fourthPartyExposure": ExposureDataWithCompanyInfo,
"pdnsVendorDependency": PdnsVendorDependencyInfo,
"vendorDependency": VendorDependencyInfo,
"vendorDependencyLegacy": VendorDependencyLegacyInfo,
"categorySummarizedCount": CategorySummarizedCountInfo,
"vendorSummarizedCount": VendorSummarizedCountInfo,
"productSummarizedCount": ProductSummarizedCountInfo,
"companiesSummarizedCount": CompanySummarizedCountInfo,
"vendorDependencyCountsPerCategory": VendorDependencyCountsPerCategoryInfo,
"vendorDependencyCountsPerVendor": VendorDependencyCountsPerVendorInfo,
"vendorDependencyCountsPerProduct": VendorDependencyCountsPerProductInfo,
"emailSaasInsights": EmailSaasInsightsInfo,
"emailSaasDomainWithoutSecurity": EmailSaasInsightsInfo,
"bannerBusterInsights": BannerBusterInsightsInfo,
"businessRisk": BusinessRiskInsightInfo,
"cveCatalog": CVECatalogRollupInfo,
"cveCatalogGeneric": CVECatalogGenericInfo
}
Int
Description
The Int scalar type represents non-fractional signed whole numeric values. Int can represent values between -(2^31) and 2^31 - 1.
Example
123
Int64
Description
Int64 is an integer with 64 bits reserved so it can represent a number that is up to 2^64 in size
Example
123
IpSearch
Fields
| Field Name | Description |
|---|---|
cidr - String!
|
Reserved cidr range by this cloud provider. |
registrantOrganization - String!
|
Registering organization that reserved this IP. |
company - CompanyFromSearchResult
|
Company information about the company that has this IP reserved. Only companies currently in the client's external_regular portfolios appear here (type Company). |
cloudProviderInfo - CloudProviderInfo
|
Additional information if a cloud provider reserved this IP. |
Example
{
"cidr": "abc123",
"registrantOrganization": "abc123",
"company": Company,
"cloudProviderInfo": CloudProviderInfo
}
IpSearchFilter
IpSearchInfo
Fields
| Field Name | Description |
|---|---|
totalCount - Int64!
|
Count of IPs matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of IPs matching filter that were returned to user |
ipSearch - [IpSearch!]
|
The IPs and the company related to them. |
Example
{
"totalCount": 123,
"pageLength": 123,
"ipSearch": [IpSearch]
}
LicenseQuantity
Description
The client's purchased licenses, with totals by product name and description
Example
{
"totalLicenseCount": 987,
"licenseKey": "xyz789",
"productName": "xyz789",
"productDescription": "xyz789"
}
Map
Description
Key/value pairs, where keys are strings and values can be any scalar, object or array
Example
{"key1": [1, 2, 3], "key2": "strVal", "key3": true}
Measurement
Description
A time and associated value returned in a TimeSeries object
Example
{"date": "2023-09-01T22:42:50.000", "value": 123.45}
Message
Description
This is a JSON blob containing the fields source, message, timestamp, returned in the messages field of the Finding type.
Example: {"source": "BlueVoyant Risk ServiceRiskService@bluevoyant.com", "message": "Some message in **markdown** here", "timestamp": "2023-11-27T15:28:10.642546+00:00"}
Example
{
"source": "BlueVoyant Risk Service<[email protected]>",
"message": "Some message in **markdown** here",
"timestamp": "2023-11-27T15:28:10.642546+00:00"
}
PdnsVendorDependency
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The unique BlueVoyant identifier (BV ID) of the company. |
qname - String
|
The name of the pDNS entity. |
requestingIp - String
|
IP address of the requesting pDNS entity. |
findingCode - Int64
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
category - String
|
The category the of the specific vendor product (Endpoint Security, Email Security, Network Security, etc). |
vendor - String
|
The name of the vendor. |
product - String
|
The name of the product that the vendor is providing. |
updatedTS - Time!
|
The time of last updating |
lastObservedTS - Time!
|
The last time it was observed |
company - CompanyByService
|
Company object with much more data for each vendor dependency |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"qname": "xyz789",
"requestingIp": "xyz789",
"findingCode": 123,
"category": "xyz789",
"vendor": "xyz789",
"product": "xyz789",
"updatedTS": "2024-02-06T20:24:21Z",
"lastObservedTS": "2024-02-06T20:24:21Z",
"company": Company
}
PdnsVendorDependencyInfo
Fields
| Field Name | Description |
|---|---|
pdnsVendorDependencies - [PdnsVendorDependency!]
|
A list of pDNS vendor dependencies. |
totalCount - Int64!
|
The total number of objects that fit the filter given regardless of limit. |
pageLength - Int!
|
The total amount of objects returned to user. Between zero and the limit provided. |
Example
{
"pdnsVendorDependencies": [PdnsVendorDependency],
"totalCount": 123,
"pageLength": 987
}
PdnsVendorDependencySort
Values
| Enum Value | Description |
|---|---|
|
|
The category associated with the product |
|
|
The category associated with the product |
|
|
The product detected |
|
|
The time the insight was last updated (process date) |
|
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
|
|
The unique BlueVoyant identifier (BV ID) of the company associated with this insight |
|
|
Primary name of the company |
|
|
Name of the portfolio containing the company |
|
|
The last time this specific insight was observed or validated |
Example
"category"
PdnsVendorDependencySortBy
Fields
| Input Field | Description |
|---|---|
field - PdnsVendorDependencySort!
|
Field by which to sort vendors. Default = updatedTS |
direction - SortDirection
|
Direction in which to sort vendors (asc/desc). Default = asc |
Example
{"field": "category", "direction": "asc"}
PeerScore
Description
A set of scores associated with a finding code that indicates the risk category (or overall score) for a company's industry peers. A peer is defined as an organization in the same industry, and one that has a similar digital footprint size range. Part of the Company type (peerScores) that is returned from the companyInfo query.
Fields
| Field Name | Description |
|---|---|
assessmentDateEnd - String!
|
The end of the scoring assessment period |
findingCode - Int!
|
Finding code is an integer that represents the type of finding. These finding codes all indicate the risk category or the overall score (0). |
riskCategory - RiskCategory
|
Corresponding risk category for the finding code. A finding code of 0 indicates the overall company risk score. |
averageScore - Float
|
The average score across all peers |
minimumScore - Float
|
The minimum score of any peer |
maximumScore - Float
|
The maximum score of any peer |
medianScore - Float
|
The median score of all peer scores |
standardDeviation - Float
|
The standard deviation from the mean score |
percentile25Score - Float
|
25% of the peers are at or below this score |
percentile75Score - Float
|
75% of the peers are at or below this score |
Example
{
"assessmentDateEnd": "2024-03-25",
"findingCode": 123,
"riskCategory": "AdversarialThreats",
"averageScore": 987.65,
"minimumScore": 123.45,
"maximumScore": 123.45,
"medianScore": 123.45,
"standardDeviation": 987.65,
"percentile25Score": 123.45,
"percentile75Score": 987.65
}
Portfolio
Fields
| Field Name | Description |
|---|---|
portfolioUuid - UUID!
|
|
portfolioName - String!
|
|
portfolioType - PortfolioType!
|
Example
{
"portfolioUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"portfolioName": "xyz789",
"portfolioType": "external_regular"
}
PortfolioAttributeFilter
Description
Where a field is specified, only select companies with a value matching one of those in the set specified. Only return companies for which all per-field constraints are met.
Example
{
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"attributes": ["xyz789"],
"bvids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
]
}
PortfolioData
Fields
| Field Name | Description |
|---|---|
portfolioName - String!
|
Portfolio name |
portfolioType - PortfolioType!
|
Portfolio type |
portfolioUuid - UUID!
|
Portfolio ID |
companyCount - Int!
|
Count of companies in the portfolio |
description - String!
|
Portfolio description |
createdBy - String!
|
Username that created this portfolio |
createdTS - String!
|
Timestamp when created |
updatedBy - String!
|
Username that last updated this portfolio |
updatedTS - String!
|
Timestamp when last updated |
Example
{
"portfolioName": "abc123",
"portfolioType": "external_regular",
"portfolioUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"companyCount": 987,
"description": "abc123",
"createdBy": "abc123",
"createdTS": "xyz789",
"updatedBy": "xyz789",
"updatedTS": "abc123"
}
PortfolioFilter
Description
Filter used by the portfolioInfo query
Fields
| Input Field | Description |
|---|---|
portfolioTypes - [PortfolioType!]
|
The portfolio type can only include 'external_regular' or 'unmonitored' |
portfolioUuids - [UUID!]
|
Filter portfolios by one or more uuids in UUID format |
portfolioNames - [String!]
|
Filter portfolios by one or more names |
descriptions - [String!]
|
A description of the portfolio |
sortBy - [PortfolioSortBy]
|
Sort returned portfolios by specified fields and directions |
Example
{
"portfolioTypes": ["external_regular"],
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"portfolioNames": ["abc123"],
"descriptions": ["xyz789"],
"sortBy": [PortfolioSortBy]
}
PortfolioInfo
Description
This is the holder for portfolios, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Offset and limit echo back the parameters |
totalCount - Int!
|
Count of portfolios matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Number of portfolios returned |
portfolios - [PortfolioData!]
|
List of portfolios for client |
Example
{
"offset": 987,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"portfolios": [PortfolioData]
}
PortfolioSortBy
Fields
| Input Field | Description |
|---|---|
field - PortfolioSorts!
|
Field by which to sort portfolios |
direction - SortDirection
|
Direction in which to sort contacts (asc/desc). Default = asc |
Example
{"field": "portfolioUuid", "direction": "asc"}
PortfolioSorts
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"portfolioUuid"
PortfolioToAdd
Description
Inputs to create portfolio
Fields
| Input Field | Description |
|---|---|
portfolioName - String!
|
Portfolio name |
portfolioType - PortfolioType!
|
Portfolio type. Default = external_regular |
description - String
|
Portfolio description |
Example
{
"portfolioName": "xyz789",
"portfolioType": "external_regular",
"description": "abc123"
}
PortfolioToUpdate
Description
Inputs to update a portfolio
Fields
| Input Field | Description |
|---|---|
portfolioUuid - UUID!
|
Portfolio ID |
portfolioName - String
|
Portfolio name |
portfolioType - PortfolioType
|
Portfolio type |
description - String
|
Portfolio description |
Example
{
"portfolioUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"portfolioName": "abc123",
"portfolioType": "external_regular",
"description": "abc123"
}
PortfolioType
Description
A portfolio is a group of companies
Values
| Enum Value | Description |
|---|---|
|
|
Portfolio type for companies under cyber-monitoring/remediation |
|
|
Portfolio type for companies not under cyber-monitoring but that have other services (e.g. Business Risk, Cyber Screening) |
|
|
Deprecated portfolio type/product. Do not use. |
Example
"external_regular"
PortfoliosAuditLog
Description
This is the holder for portfolio audit log data portfoliosAuditLog query, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
|
totalCount - Int!
|
Count of portfolio audit log entries matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of results returned |
portfoliosAuditLog - [PortfoliosAuditLogData!]
|
List of portfolios for client |
Example
{
"offset": 987,
"limit": 987,
"totalCount": 987,
"pageLength": 987,
"portfoliosAuditLog": [PortfoliosAuditLogData]
}
PortfoliosAuditLogData
Fields
| Field Name | Description |
|---|---|
portfolioName - String
|
Portfolio name associated with this audit log entry, at the time the action was taken. Note that if the portfolio name has since changed, this would be an old name. |
portfolioUuid - UUID
|
Portfolio UUID associated with this audit log entry. |
changedBy - String!
|
Username associated with this audit log entry (the user who made the change) |
bvid - String
|
BV ID of the associated change, if this was a company add, move, or delete action. |
primaryName - String
|
Primary name of the company associated with the bvid, if this was a company add, move, or delete action. |
variant - String
|
Variant of the associated change, if this was a company add, move, or delete action. |
actionTaken - String!
|
Action taken: 'Company Moved', 'Company Added', 'Company Removed', 'Portfolio Updated', 'Portfolio Deleted', 'Portfolio Added' |
context - String!
|
Context of the change that indicates what has been updated: 'Portfolio', 'Portfolio Type', 'Name', 'Description', 'Internal' |
beforeChange - String!
|
Original value before the change was made. |
afterChange - String!
|
New value after the change was made. |
changeTS - Time!
|
Timestamp associated with audit log entry |
Example
{
"portfolioName": "xyz789",
"portfolioUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"changedBy": "abc123",
"bvid": "abc123",
"primaryName": "abc123",
"variant": "xyz789",
"actionTaken": "abc123",
"context": "abc123",
"beforeChange": "abc123",
"afterChange": "xyz789",
"changeTS": "-"
}
ProductByDomainDetection
ProductByDomainDetectionInfo
Description
A collection of fourth party exposure organized by finding code. Includes finding code's description, summary, and assessment date.
Fields
| Field Name | Description |
|---|---|
summary - String
|
A brief summary of the finding code |
description - String
|
A description of what the finding code is. |
assessmentDateEnd - String
|
The most recent assessment date |
findingCode - Int64
|
The finding code of these vendor discoveries. |
domains - [ProductByDomainDetection]
|
List of domains of a specific finding code |
Example
{
"summary": "abc123",
"description": "xyz789",
"assessmentDateEnd": "xyz789",
"findingCode": 123,
"domains": [ProductByDomainDetection]
}
ProductByIPDetection
Description
Insights about a product detected on an IP address
Example
{
"deviceName": "abc123",
"deviceVersion": "xyz789",
"hostingServer": "abc123",
"ip": "xyz789",
"port": 987,
"productName": "xyz789",
"softwarePackage": "abc123",
"softwareVersion": "abc123",
"subdomain": "abc123",
"title": "xyz789"
}
ProductByIPDetectionInsights
Description
A list of products of products by ip detection of a single finding code. Includes a summary, description, and most recent assessment date of the finding code.
Fields
| Field Name | Description |
|---|---|
summary - String
|
A brief summary of the finding code |
description - String
|
A description of what the finding code is. |
assessmentDateEnd - String
|
The most recent assessment date |
findingCode - Int64
|
The finding code of these vendor discoveries. |
detectedProducts - [ProductByIPDetection]
|
list of products by ip detection of a single finding code |
Example
{
"summary": "xyz789",
"description": "abc123",
"assessmentDateEnd": "xyz789",
"findingCode": 123,
"detectedProducts": [ProductByIPDetection]
}
ProductSummarizedCountFilter
ProductSummarizedCountInfo
Fields
| Field Name | Description |
|---|---|
totalCount - Int!
|
The total count of objects that match the user's request regardless of how many were returned. |
pageLength - Int!
|
The amount of objects returned to the user. |
items - [ProductSummarizedCounts]
|
The list of objects that match the user's request. |
Example
{
"totalCount": 123,
"pageLength": 123,
"items": [ProductSummarizedCounts]
}
ProductSummarizedCountSort
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
Example
"portfolioName"
ProductSummarizedCountSortBy
Fields
| Input Field | Description |
|---|---|
field - ProductSummarizedCountSort!
|
Field by which to sort vendors. Default = portfolioName |
direction - SummarizedSortDirection
|
Direction in which to sort users (asc/desc). Default = asc |
Example
{"field": "portfolioName", "direction": "asc"}
ProductSummarizedCounts
Fields
| Field Name | Description |
|---|---|
portfolio - String!
|
The portfolio of this portfolio/client/category/vendor combination. |
category - String!
|
The category of this portfolio/client/category/vendor combination. |
vendor - String!
|
The vendor of this portfolio/client/category/vendor combination. |
totalCount - Int!
|
The amount of products this portfolio/client/category/vendor combination contains. |
products - [String!]
|
The list of products of this portfolio/client/category/vendor combination. |
Example
{
"portfolio": "xyz789",
"category": "xyz789",
"vendor": "abc123",
"totalCount": 987,
"products": ["xyz789"]
}
RawJSON
Description
Some arbitrary json
Example
["a", "b", "c"]
ResolutionPercentage
Fields
| Field Name | Description |
|---|---|
percentage - Float
|
A float 0-100 representing the percentage of tickets for all time resolved in threshold days or less |
thresholdDays - Int
|
The resolved cases included in percentage all resolved in thresholdDays or less. A null threshold indicates that the category is unbounded, and thus reflects the all-time statistic |
Example
{"percentage": 987.65, "thresholdDays": 987}
Response
RiskCategory
Description
Our findings exist in one of these five categories. Each category has a corresponding score
Values
| Enum Value | Description |
|---|---|
|
|
Finding code: 40000. Monitoring of adversarial attacks directed at the company from malicious infrastructure. |
|
|
Finding code: 10000. Identification of incorrect configuration and best practices for email security, including use of anti-spoofing and spam protection. Findings cover the misconfiguration and lack of configuration of SPF, DKIM, and DMARC records. |
|
|
Finding code: 20000. Identification of misconfigured network infrastructure including, but not limited to, open ports and services, the use of file-sharing and torrent programs inside the company's network, as well the installation and use of potentially unwanted programs. |
|
|
Finding code: 50000. Identification of traffic emanating from the company's network to the darknet, company assets being listed on blacklists, and the existence of the company's interactions with blacklisted (adversarial) infrastructure. |
|
|
Finding code: 30000. Identification of common vulnerabilities and exposures (CVEs) on server software, improper use of TLS/SSL certificates, and the existence of CVEs that are actively being exploited by threat actors. |
Example
"AdversarialThreats"
RiskEventCategory
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"Financial"
RiskFilter
Description
Client risk filter, returned as part of RiskFiltersInfo from a riskFilterInfo query, or from riskFilterCreate or riskFilterUpdate mutations.
Fields
| Field Name | Description |
|---|---|
riskFilterId - Int!
|
Unique ID assigned to each risk filter |
description - String
|
Description of risk filter |
matchRules - [RiskFilterMatchRule!]
|
List of match rules associated with risk filter |
enabled - Boolean!
|
Enabled status of risk filter. Deprecated. Any risk filter with enabled rules is active. |
updatedTS - Time
|
Timestamp when risk filter was created or updated |
Example
{
"riskFilterId": 987,
"description": "xyz789",
"matchRules": [RiskFilterMatchRule],
"enabled": false,
"updatedTS": "2024-02-06T20:24:21"
}
RiskFilterFilter
Description
Fields available by which to filter risk filters from the riskFilterInfo query
Fields
| Input Field | Description |
|---|---|
riskFilterIds - [Int!]
|
Filter results by riskFilterId(s). Default = null |
descriptions - [String!]
|
Filter results by description(s). Does a wildcard match on each provided description. Default = null |
enabled - Boolean
|
Filter results by enabled status. Deprecated. Any risk filter with enabled rules is active. Default = null |
Example
{
"riskFilterIds": [987],
"descriptions": ["abc123"],
"enabled": false
}
RiskFilterInfo
Description
This is the holder for RiskFilters from a riskFilterInfo query, with counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int64!
|
Count of risk filters matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of risk filters returned |
riskFilters - [RiskFilter!]
|
Client risk filters |
Example
{
"offset": 987,
"limit": 987,
"totalCount": 123,
"pageLength": 123,
"riskFilters": [RiskFilter]
}
RiskFilterMatchField
Description
Enums for risk filter match field. Part of RiskFilterMatchRule type.
Values
| Enum Value | Description |
|---|---|
|
|
The unique BlueVoyant identifier (BV ID) of a company |
|
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
|
|
A long description of a finding code |
|
|
An ID of int64 type that is unique for a BV ID, variant, and finding code |
|
|
A short description of a finding code. See the dictionary query and the DataDictionary type. |
|
|
The name of a portfolio containing companies monitored by the client |
|
|
The primary name of a company |
|
|
A risk category for a finding. See the RiskCategory type. |
|
|
The impact of a finding on the overall company risk score |
Example
"bvid"
RiskFilterMatchRule
Description
Match rule for risk filters. Part of a RiskFilter type. Each rule has a match field, type, and value, and may be negated. Rules in the same risk filter are ANDed together.
Examples (matchField, matchType, matchValue):
- findingCode regex "(10023|10024)"
- portfolioName _eq "Tier 1"
- scoreImpact _gte "10"
Fields
| Field Name | Description |
|---|---|
riskFilterId - Int!
|
ID of risk filter associated with match rule |
matchRuleId - Int!
|
Unique ID assigned to each match rule |
matchField - RiskFilterMatchField
|
Name of field being matched |
matchType - RiskFilterMatchType
|
Type of match: <= (_lte), >= (_gte), == (_eq), != (_ne), regex |
matchValue - String!
|
Value being matched/compared |
negated - Boolean!
|
Whether the match rule is negated |
enabled - Boolean!
|
Whether the match rule is enabled |
updatedTS - Time
|
Timestamp match rule was created or updated |
Example
{
"riskFilterId": 123,
"matchRuleId": 987,
"matchField": "bvid",
"matchType": "_lte",
"matchValue": "abc123",
"negated": false,
"enabled": false,
"updatedTS": "2024-02-06T20:24:21"
}
RiskFilterMatchRuleToAdd
Description
Contains info to create new match rule. Used by riskFilterCreate and riskFilterUpdate mutations. Only very limited validation is performed on the matchValue.
Fields
| Input Field | Description |
|---|---|
matchField - RiskFilterMatchField!
|
Name of field being matched |
matchType - RiskFilterMatchType!
|
Type of match: <= (_lte), >= (_gte), == (_eq), != (_ne), regex |
matchValue - String!
|
Value of matchField being matched/compared |
negated - Boolean!
|
Whether match rule should be negated |
enabled - Boolean!
|
Whether match rule should be enabled |
Example
{
"matchField": "bvid",
"matchType": "_lte",
"matchValue": "xyz789",
"negated": true,
"enabled": false
}
RiskFilterMatchRuleToDelete
Description
Contains ID of match rule to be deleted. Used by riskFilterUpdate mutation.
Fields
| Input Field | Description |
|---|---|
matchRuleId - Int!
|
ID of match rule to be deleted |
Example
{"matchRuleId": 987}
RiskFilterMatchRuleToUpdate
Description
Contains match rule info to be updated. Used by riskFilterUpdate mutation. At least one field other than matchRuleId must be provided. Only very limited validation is performed on the matchValue.
Fields
| Input Field | Description |
|---|---|
matchRuleId - Int!
|
ID of match rule to be updated |
matchField - RiskFilterMatchField
|
Name of field to be compared |
matchType - RiskFilterMatchType
|
Type of match: <= (_lte), >= (_gte), == (_eq), != (_ne), regex |
matchValue - String
|
Value of matchField being matched/compared |
negated - Boolean
|
Whether the match rule is negated |
enabled - Boolean
|
Whether the match rule is enabled |
Example
{
"matchRuleId": 987,
"matchField": "bvid",
"matchType": "_lte",
"matchValue": "xyz789",
"negated": false,
"enabled": true
}
RiskFilterMatchType
Description
Enums for risk filter match rules' match type. Part of RiskFilterMatchRule type.
Values
| Enum Value | Description |
|---|---|
|
|
Value found in matchField is less than or equal to matchValue |
|
|
Value found in matchField is greater than or equal to matchValue |
|
|
Value found in matchField is equal to matchValue |
|
|
Value found in matchField is not equal to matchValue |
|
|
Value found in matchField matches the regular expression in matchValue |
Example
"_lte"
RiskFilterSortBy
Description
Holder for the risk filter sort fields for the riskFilterInfo query
Fields
| Input Field | Description |
|---|---|
field - RiskFilterSorts!
|
|
direction - SortDirection
|
Example
{"field": "riskFilterId", "direction": "asc"}
RiskFilterSorts
Description
Fields available to sort risk filters by in the riskFilterInfo query; default: riskFilterId
Values
| Enum Value | Description |
|---|---|
|
|
Unique ID assigned to each risk filter |
|
|
Description of risk filter |
|
|
Enabled status of risk filter. Deprecated. Any risk filter with enabled rules is active. |
|
|
Timestamp when risk filter was created or updated |
Example
"riskFilterId"
RiskFilterToAdd
Description
Contains details of risk filter to be created. Used by riskFilterCreate mutation.
Fields
| Input Field | Description |
|---|---|
description - String!
|
Description of risk filter |
enabled - Boolean
|
Whether to enable risk filter. Deprecated. Any risk filter with enabled rules is active. |
matchRules - [RiskFilterMatchRuleToAdd!]
|
Match rules for risk filter |
Example
{
"description": "abc123",
"enabled": true,
"matchRules": [RiskFilterMatchRuleToAdd]
}
RiskFilterToDelete
Description
Contains details of risk filter to be deleted for risk filter. Used by riskFilterDelete mutation.
Example
{"riskFilterId": 123, "force": false}
RiskFilterToUpdate
Description
Contains info to be updated for risk filter. Used by riskFilterUpdate mutation.
Fields
| Input Field | Description |
|---|---|
riskFilterId - Int!
|
ID of risk filter to be updated |
description - String
|
New description for risk filter |
enabled - Boolean
|
Update enabled status of risk filter. Deprecated. Any risk filter with enabled rules is active. |
matchRulesToAdd - [RiskFilterMatchRuleToAdd!]
|
Add new match rule(s) to risk filter |
matchRulesToDelete - [RiskFilterMatchRuleToDelete!]
|
Delete match rule(s) from risk filter. Only match rule ID needs to be provided |
matchRulesToUpdate - [RiskFilterMatchRuleToUpdate!]
|
Update match rule(s) for a risk filter. Must provide match rule ID and at least one other field |
Example
{
"riskFilterId": 987,
"description": "abc123",
"enabled": false,
"matchRulesToAdd": [RiskFilterMatchRuleToAdd],
"matchRulesToDelete": [RiskFilterMatchRuleToDelete],
"matchRulesToUpdate": [RiskFilterMatchRuleToUpdate]
}
RiskLevel
Description
A bucketing of the risk level
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"low"
Role
Description
TPRM portal/API role - contains RolePolicyPermissions for access to API endpoints and GraphQL operations.
Fields
| Field Name | Description |
|---|---|
uuid - UUID!
|
Role ID in UUID format |
name - String!
|
Role name |
description - String!
|
Description of role |
configurableFlag - Boolean!
|
Whether clients can configure the role |
assignableFlag - Boolean!
|
Whether clients can assign the role to users |
extensionFlag - Boolean!
|
Whether role is an add-on to another role, or a primary role. Only one primary role can be assigned to a user. |
defaultFlag - Boolean!
|
Whether role is the default role assigned to users created through Okta |
clientUuid - UUID!
|
Client UUID associated with the role |
createdTS - String!
|
Timestamp when created |
updatedTS - String!
|
Timestamp when last updated |
createdBy - String!
|
Username that created this item |
updatedBy - String!
|
Username that last updated this item |
policyPermissions - [RolePolicyPermission!]
|
Policy permissions control the API endpoints and GraphQL operations available to the role |
resourcePermissions - [RoleResourcePermission!]
|
Deprecated Resource permissions have moved to the UserData object |
users - [User!]
|
Users that have this role |
Example
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"name": "xyz789",
"description": "xyz789",
"configurableFlag": true,
"assignableFlag": false,
"extensionFlag": true,
"defaultFlag": true,
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"createdTS": "abc123",
"updatedTS": "abc123",
"createdBy": "xyz789",
"updatedBy": "abc123",
"policyPermissions": [RolePolicyPermission],
"resourcePermissions": [RoleResourcePermission],
"users": [User]
}
RoleBase
Fields
| Field Name | Description |
|---|---|
uuid - UUID!
|
Role ID in UUID format |
name - String!
|
Role name |
description - String!
|
Description of role |
configurableFlag - Boolean!
|
Whether clients can configure the role |
assignableFlag - Boolean!
|
Whether clients can assign the role to users |
extensionFlag - Boolean!
|
Whether role is an add-on to another role, or a primary role. Only one primary role can be assigned to a user. |
defaultFlag - Boolean!
|
Whether role is the default role assigned to users created through Okta |
clientUuid - UUID!
|
Client UUID associated with the role |
createdTS - Time!
|
Timestamp when created |
updatedTS - Time!
|
Timestamp when last updated |
createdBy - String!
|
Username that created this item |
updatedBy - String!
|
Username that last updated this item |
policyPermissions - [RolePolicyPermission!]
|
Policy permissions control the API endpoints and GraphQL operations available to the role |
resourcePermissions - [RoleResourcePermission!]
|
Deprecated Resource permissions have moved to the UserDataUserData object |
Example
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"name": "xyz789",
"description": "abc123",
"configurableFlag": true,
"assignableFlag": true,
"extensionFlag": false,
"defaultFlag": true,
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"createdTS": "-",
"updatedTS": "-",
"createdBy": "xyz789",
"updatedBy": "abc123",
"policyPermissions": [RolePolicyPermission],
"resourcePermissions": [RoleResourcePermission]
}
RoleData
Fields
| Field Name | Description |
|---|---|
role - RoleBase!
|
|
userInfo - UserBaseInfo
|
Users that have this role |
Example
{
"role": RoleBase,
"userInfo": UserBaseInfo
}
RoleFilter
Fields
| Input Field | Description |
|---|---|
uuids - [UUID!]
|
Filter roles by one or more IDs in UUID format. Default = null |
names - [String!]
|
Filter roles by one or more names (wildcard matching). Default = null |
descriptions - [String!]
|
Filter roles by one or more descriptions (wildcard matching). Default = null |
configurableFlag - Boolean
|
Filter roles by configurable flag (whether admin users can configure the role). Default = null |
assignableFlag - Boolean
|
Filter roles by assignable flag (whether admin users can assign the role to users). Default = null |
extensionFlag - Boolean
|
Filter roles by extension flag (true if an extension/add-on; false if a primary role). Default = null |
defaultFlag - Boolean
|
Whether role is the default role assigned to users created through Okta. Default = null |
policyPermissionIds - [Int!]
|
Filter roles by one or more policy permission IDs. Default = null |
policyPermissionNames - [String!]
|
Filter roles by one or more policy permission names (wildcard matching). Default = null |
policyPermissionDescriptions - [String!]
|
Filter roles by one or more policy permission descriptions (wildcard matching). Default = null |
policyPermissionExtensionFlag - Boolean
|
Filter roles by policy permission extension flag (true if an extension/add-on; false if a primary policy permission). Default = null |
resourcePermissionIds - [Int!]
|
Deprecated. Default = null |
resourcePermissionDescriptions - [String!]
|
Deprecated. Default = null |
resourcePermissionAllFlag - Boolean
|
Deprecated. Default = null |
resourcePermissionResourceTypes - [RoleResourceType!]
|
Deprecated. Default = null |
resourcePermissionPropertyTypes - [RoleResourcePropertyType!]
|
Deprecated. Default = null |
resourcePermissionPropertyValues - [String!]
|
Deprecated. Default = null |
resourcePermissionAllowedActions - [RoleResourceAllowedAction!]
|
Deprecated. Default = null |
sortBy - [RoleSortBy]
|
Sort returned roles by specified fields and directions |
Example
{
"uuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"names": ["abc123"],
"descriptions": ["xyz789"],
"configurableFlag": false,
"assignableFlag": false,
"extensionFlag": true,
"defaultFlag": true,
"policyPermissionIds": [123],
"policyPermissionNames": ["xyz789"],
"policyPermissionDescriptions": [
"abc123"
],
"policyPermissionExtensionFlag": false,
"resourcePermissionIds": [987],
"resourcePermissionDescriptions": [
"xyz789"
],
"resourcePermissionAllFlag": false,
"resourcePermissionResourceTypes": ["portfolio"],
"resourcePermissionPropertyTypes": ["portfolioUuid"],
"resourcePermissionPropertyValues": [
"abc123"
],
"resourcePermissionAllowedActions": ["view"],
"sortBy": [RoleSortBy]
}
RoleGroup
Description
TPRM portal/API role group - a set of Roles
Fields
| Field Name | Description |
|---|---|
uuid - UUID!
|
Role group ID in UUID format |
name - String!
|
Role group name |
description - String
|
Description of role group |
clientUuid - UUID!
|
UUID for client associated with the role group |
realmId - String
|
CDP realm for client associated with the role group |
createdTS - Time!
|
Timestamp when created |
updatedTS - Time!
|
Timestamp when last updated |
createdBy - String!
|
Username that created this item |
updatedBy - String!
|
Username that last updated this item |
Example
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"name": "abc123",
"description": "xyz789",
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"realmId": "xyz789",
"createdTS": "-",
"updatedTS": "-",
"createdBy": "abc123",
"updatedBy": "xyz789"
}
RoleGroupData
Fields
| Field Name | Description |
|---|---|
roleGroup - RoleGroup!
|
|
roles - [RoleBase!]
|
Roles within the role group |
userInfo - UserBaseInfo
|
Users that have this role group |
Example
{
"roleGroup": RoleGroup,
"roles": [RoleBase],
"userInfo": UserBaseInfo
}
RoleGroupDataRolesOnly
Fields
| Field Name | Description |
|---|---|
roleGroup - RoleGroup!
|
|
roles - [RoleBase!]
|
Roles within the role group |
Example
{
"roleGroup": RoleGroup,
"roles": [RoleBase]
}
RoleGroupFilter
Description
Fields available by which to filter role groups
Fields
| Input Field | Description |
|---|---|
uuids - [UUID!]
|
Filter role groups by one or more IDs in UUID format. Default = null |
names - [String!]
|
Filter role groups by one or more exact, case-insensitive names (wildcard matching). Default = null |
namesWildcard - [String!]
|
Filter role groups by one or more names (wildcard matching). Default = null |
descriptions - [String!]
|
Filter role groups by one or more descriptions (wildcard matching). Default = null |
Example
{
"uuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"names": ["xyz789"],
"namesWildcard": ["abc123"],
"descriptions": ["xyz789"]
}
RoleGroupInfo
Description
This is the holder for role groups, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int64!
|
Count of role groups matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of roles returned |
roleGroups - [RoleGroupData!]
|
TPRM portal/API role groups |
Example
{
"offset": 987,
"limit": 123,
"totalCount": 123,
"pageLength": 123,
"roleGroups": [RoleGroupData]
}
RoleGroupResponse
Description
Response to a mutation on role groups
Fields
| Field Name | Description |
|---|---|
code - Int!
|
HTTP response code |
message - String!
|
Error or success message |
success - Boolean!
|
Whether the mutation was successful |
roleGroup - RoleGroupDataRolesOnly
|
Role group that was updated |
Example
{
"code": 987,
"message": "abc123",
"success": true,
"roleGroup": RoleGroupDataRolesOnly
}
RoleGroupSortBy
Fields
| Input Field | Description |
|---|---|
field - RoleGroupSorts!
|
Field by which to sort role groups |
direction - SortDirection
|
Direction in which to sort role groups (asc/desc). Default = asc |
Example
{"field": "uuid", "direction": "asc"}
RoleGroupSorts
Description
Fields available by which to sort role groups; default: uuid/asc
Values
| Enum Value | Description |
|---|---|
|
|
Role group ID in UUID format |
|
|
Name of role group |
|
|
Description of role group |
|
|
UUID of client associated with role group |
|
|
CDP realm of client associated with role group |
Example
"uuid"
RoleGroupToAdd
Description
TPRM portal/API role group - used for creating new role groups - contains roles
Example
{
"name": "abc123",
"description": "xyz789",
"roleUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
]
}
RoleGroupToUpdate
Description
TPRM portal/API role group - used for updating existing role groups - contains roles
Fields
| Input Field | Description |
|---|---|
uuid - UUID!
|
Role group ID in UUID format |
name - String
|
Role group name |
description - String
|
Description of role group |
roleUuidsToAdd - [UUID!]
|
|
roleUuidsToDelete - [UUID!]
|
|
replaceAllRolesFlag - Boolean
|
If specified, replace all the role group's roles with those in roleUuidsToAdd |
Example
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"name": "abc123",
"description": "abc123",
"roleUuidsToAdd": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"roleUuidsToDelete": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"replaceAllRolesFlag": false
}
RoleGroupUsersToUpdate
Description
Input to add or delete a TPRM role group for multiple users
Example
{
"roleGroupUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"userUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
]
}
RoleInfo
Description
This is the holder for roles, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int!
|
Count of roles matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of roles returned |
roles - [Role!]
|
TPRM portal/API roles Use roleData |
roleData - [RoleData!]
|
TPRM portal/API roles |
Example
{
"offset": 987,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"roles": [Role],
"roleData": [RoleData]
}
RolePolicyPermission
Description
Policy permissions associated with roles. Policy permissions control access to API endpoints and GraphQL operations, fields (selections) and arguments. See Function for the categories of endpoints and operations available to the user. See UserResourcePermission to further restrict access to individual resources.
Fields
| Field Name | Description |
|---|---|
id - Int!
|
Policy permission ID |
roleUuid - UUID
|
Role ID in UUID format |
name - String!
|
Name of policy permission |
description - String!
|
Description of policy permission |
assignableFlag - Boolean!
|
Whether policy permission is assignable to roles by client |
extensionFlag - Boolean!
|
Whether policy permission is an add-on to other policy permissions or roles, or a primary policy permission. Only one primary policy permission can be assigned to a role. |
clientUuid - UUID
|
Client UUID associated with policy permission |
createdTS - String!
|
Timestamp when created |
updatedTS - String!
|
Timestamp when last updated |
createdBy - String!
|
Username that created this item |
updatedBy - String!
|
Username that last updated this item |
Example
{
"id": 123,
"roleUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"name": "abc123",
"description": "xyz789",
"assignableFlag": false,
"extensionFlag": false,
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"createdTS": "xyz789",
"updatedTS": "abc123",
"createdBy": "abc123",
"updatedBy": "abc123"
}
RolePolicyPermissionFilter
Fields
| Input Field | Description |
|---|---|
ids - [Int!]
|
Filter policy permissions by one or more IDs. Default = null |
names - [String!]
|
Filter policy permissions by one or more names (wildcard matching). Default = null |
descriptions - [String!]
|
Filter policy permissions by one or more descriptions (wildcard matching). Default = null |
assignableFlag - Boolean
|
Filter policy permissions by assignable flag (whether client can assign permission to roles). Default = null |
extensionFlag - Boolean
|
Filter policy permissions by extension flag (true if an extension/add-on; false if a primary policy permission). Default = null |
sortBy - [RolePolicyPermissionSortBy]
|
Sort returned policy permissions by specified fields and directions |
Example
{
"ids": [123],
"names": ["xyz789"],
"descriptions": ["xyz789"],
"assignableFlag": true,
"extensionFlag": false,
"sortBy": [RolePolicyPermissionSortBy]
}
RolePolicyPermissionInfo
Description
This is the holder for role policy permissions
Fields
| Field Name | Description |
|---|---|
policyPermissions - [RolePolicyPermission!]
|
Example
{"policyPermissions": [RolePolicyPermission]}
RolePolicyPermissionLookup
Description
Policy permission associated with a role - controls access to API endpoints and GraphQL fields (selections) and arguments. This object is used to add a policy permission to a role by either its name or ID.
Example
{"id": 987, "name": "abc123"}
RolePolicyPermissionSortBy
Fields
| Input Field | Description |
|---|---|
field - RolePolicyPermissionSorts!
|
Field by which to sort policy permissions |
direction - SortDirection
|
Direction in which to sort policy permissions (asc/desc). Default = asc |
Example
{"field": "id", "direction": "asc"}
RolePolicyPermissionSorts
Description
Fields available by which to sort policy permission; default: id/asc
Values
| Enum Value | Description |
|---|---|
|
|
Policy permission ID |
|
|
Name of policy permission |
|
|
Description of policy permissions |
|
|
Whether client can assign policy permission to roles |
|
|
Whether permission is an add-on to another policy permission, if true, or a primary policy permission |
Example
"id"
RoleResourceAllowedAction
Description
Allowed actions on individual resources, or all resources of the specified resource type, in role resource permissions. Allowed actions can only narrow the access provided by the role policy permissions, not broaden it. For instance, granting 'update' access to a company when a role's policy permission only allows the user to view companies will only have the effect of granting 'view' access to the company. Deprecated
Values
| Enum Value | Description |
|---|---|
|
|
Individual resource or all resources of the associated resource type can only be viewed (if permitted by role policy permissions) |
|
|
Individual resource or all resources of the associated resource type can be updated or viewed (if permitted by role policy permissions) |
Example
"view"
RoleResourcePermission
Description
Deprecated
Fields
| Field Name | Description |
|---|---|
id - Int!
|
|
roleUuid - UUID
|
|
description - String!
|
|
resourceType - RoleResourceType!
|
|
allFlag - Boolean!
|
|
propertyType - RoleResourcePropertyType
|
|
propertyValue - String
|
|
allowedAction - RoleResourceAllowedAction!
|
|
createdTS - String!
|
|
updatedTS - String!
|
|
createdBy - String!
|
|
updatedBy - String!
|
|
inactiveFlag - Boolean!
|
Example
{
"id": 987,
"roleUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"description": "xyz789",
"resourceType": "portfolio",
"allFlag": false,
"propertyType": "portfolioUuid",
"propertyValue": "abc123",
"allowedAction": "view",
"createdTS": "xyz789",
"updatedTS": "abc123",
"createdBy": "abc123",
"updatedBy": "abc123",
"inactiveFlag": true
}
RoleResourcePropertyType
Description
Property types in role resource permissions. Access to a resource type can be limited by a property of the resource. Deprecated
Values
| Enum Value | Description |
|---|---|
|
|
Portfolio UUID - can apply to 'portfolio' or 'company' resource type |
|
|
Company ID - can apply only to 'company' resource type |
|
|
Client-provided attribute - can apply only to 'company' resource type |
Example
"portfolioUuid"
RoleResourceType
Description
Resource types in role resource permissions. These are the objects that can be viewed or acted upon. Deprecated
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"portfolio"
RoleSortBy
Fields
| Input Field | Description |
|---|---|
field - RoleSorts!
|
Field by which to sort roles |
direction - SortDirection
|
Direction in which to sort roles (asc/desc). Default = asc |
Example
{"field": "uuid", "direction": "asc"}
RoleSorts
Description
Fields available by which to sort roles; default: uuid/asc
Values
| Enum Value | Description |
|---|---|
|
|
Role ID in UUID format |
|
|
Name of role |
|
|
Description of role |
|
|
Whether clients can assign the role to users |
|
|
Whether clients can configure the role |
|
|
Whether role is an extension/add-on to another role, or a primary role |
|
|
Whether role is the default role assigned to users created through Okta |
Example
"uuid"
RoleToAdd
Description
TPRM portal/API role - used for creating new roles - contains policy permissions for access to API endpoints/functionality
Fields
| Input Field | Description |
|---|---|
name - String!
|
Role name |
description - String!
|
Description of role |
policyPermissions - [RolePolicyPermissionLookup!]!
|
Example
{
"name": "xyz789",
"description": "xyz789",
"policyPermissions": [RolePolicyPermissionLookup]
}
RoleToUpdate
Description
TPRM portal/API role - used for updating existing roles - contains policy permissions for access to API endpoints/functionality
Fields
| Input Field | Description |
|---|---|
uuid - UUID!
|
Role ID in UUID format |
name - String
|
Role name |
description - String
|
Description of role |
policyPermissionsToAdd - [RolePolicyPermissionLookup!]
|
|
policyPermissionsToDelete - [RolePolicyPermissionLookup!]
|
|
replaceAllPermissionsFlag - Boolean
|
If specified, replace all the role's permissions with those in policyPermissionsToAdd |
Example
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"name": "abc123",
"description": "xyz789",
"policyPermissionsToAdd": [RolePolicyPermissionLookup],
"policyPermissionsToDelete": [
RolePolicyPermissionLookup
],
"replaceAllPermissionsFlag": true
}
Score
Description
Score details for the overall score (finding code 0), used in Company riskScore
Fields
| Field Name | Description |
|---|---|
scoreDate - String
|
Score is calculated based on data collected through the end of this date. Accordingly this will usually be yesterday's date, in YYYY-MM-DD format |
findingCode - Int
|
Finding code is an integer that represents the specific type of a finding. Finding code 0 indicates the overall company score. See the dictionary query and the DataDictionary type. |
findingCount - Int
|
Was never available for overall score |
score - Float
|
Score can be from 0 to 100, or null if not scored |
riskLevel - RiskLevel
|
A bucketing of the risk level |
scoreImpact - Float
|
Was never available for overall score |
scorePercentile - Float
|
This has never actually been a peer percentile, but a percentile of all scores |
findingStatus - ScoreStatus
|
Values: valid or lowData |
Example
{
"scoreDate": "2024-01-01",
"findingCode": 0,
"findingCount": 123,
"score": 987.65,
"riskLevel": "low",
"scoreImpact": 987.65,
"scorePercentile": 123.45,
"findingStatus": "valid"
}
ScoreHVM
Description
HVM companies (CompanyHVM) (deprecated) can only display the company's risk level, not the entire Score object
Fields
| Field Name | Description |
|---|---|
riskLevel - RiskLevel
|
A bucketing of the risk level (deprecated) |
Example
{"riskLevel": "low"}
ScoreStatus
Description
Status of the overall company score. If lowData, BlueVoyant could not find enough company assets to make an accurate assessment
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"valid"
ScreenedCompany
Description
This object contains the company-related values that can be displayed for a company with cyber screening. Part of ScreenedCompanyInfo, which is from the screenedCompanyInfo query.
Fields
| Field Name | Description |
|---|---|
bvid - UUID!
|
The BV ID, the unique identifier for the company |
primaryName - String
|
Primary name of the company |
primaryDomain - String
|
Primary domain associated with the company |
attributes - [String!]
|
Client-provided attributes or tags that can be associated with one or more companies, used for filtering or grouping companies |
clientEntityIds - [String!]
|
clientEntityIds are case-insensitive identifiers allocated by the client for a company (entity). Typically you would use them to store your internal company identifiers (or a surrogate therefore) in our system. A clientEntityId can only be assigned to one company in all of the client's portfolios. |
clientEntityData - [ClientEntityData!]
|
clientEntityIds and their associated info, which could include an optional name or domain. A clientEntityId is an identifier allocated by the client for a company (entity). A clientEntityId can only be assigned to one company in all of the client's portfolios. |
industryDescription - String
|
Use 'firmographicFields -> industryDescription' |
firmographicFields - FirmographicData
|
|
serviceAttributes - [ServiceAttribute!]
|
Service attributes/licenses the company has |
portfolios - [Portfolio!]
|
Portfolio(s) the company is in |
riskScore - Float
|
Overall company risk score |
scoreConfidence - ConfidenceLevel
|
Score confidence rating/level |
assessmentSummary - String
|
Score confidence assessment summary |
reasoningHeaders - [String!]
|
Reasons behind score confidence assessment |
emailSecurityScoreImpact - Float
|
The impact of the findings in this category on the overall company risk score |
itHygieneScoreImpact - Float
|
The impact of the findings in this category on the overall company risk score |
vulnerabilitiesScoreImpact - Float
|
The impact of the findings in this category on the overall company risk score |
adversarialThreatsScoreImpact - Float
|
The impact of the findings in this category on the overall company risk score |
maliciousActivityScoreImpact - Float
|
The impact of the findings in this category on the overall company risk score |
activeIpCount - Int64
|
From network characterization, the number of unique IP addresses from the company's footprint with any port open |
totalIpCount - Int64
|
Total number of unique IP addresses in the footprint |
totalIpRangeCount - Int
|
Total number of IP ranges/CIDRs (records) in the footprint |
totalDomainCount - Int
|
Total number of domains in the footprint |
totalHostnameCount - Int64
|
Total number of hostname resolutions (whose IPs resolve to a particular country) for this footprint (part of network characterization) |
addedToCSTS - Time
|
When company was first added to Cyber Screening |
companyLogo - CompanyLogo
|
The company's primary domain's logo encoded in base64. |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "abc123",
"primaryDomain": "xyz789",
"attributes": ["xyz789"],
"clientEntityIds": ["abc123"],
"clientEntityData": [ClientEntityData],
"industryDescription": "xyz789",
"firmographicFields": FirmographicData,
"serviceAttributes": [ServiceAttribute],
"portfolios": [Portfolio],
"riskScore": 123.45,
"scoreConfidence": "low",
"assessmentSummary": "abc123",
"reasoningHeaders": ["abc123"],
"emailSecurityScoreImpact": 987.65,
"itHygieneScoreImpact": 123.45,
"vulnerabilitiesScoreImpact": 987.65,
"adversarialThreatsScoreImpact": 987.65,
"maliciousActivityScoreImpact": 123.45,
"activeIpCount": 123,
"totalIpCount": 123,
"totalIpRangeCount": 123,
"totalDomainCount": 123,
"totalHostnameCount": 123,
"addedToCSTS": "-",
"companyLogo": CompanyLogo
}
ScreenedCompanyFilter
Description
Filters for companies under Cyber Screening
Fields
| Input Field | Description |
|---|---|
bvids - [UUID!]
|
The BV ID is the unique identifier for the company. Default = null |
bvidsToExclude - [UUID!]
|
Exclude companies matching these BV IDs even if matched by the other filters. Default = null |
attributes - [String!]
|
Search on attributes is case-sensitive and exact. Supply an empty string as a value to match companies with no attributes. Default = null |
clientEntityIds - [String!]
|
A clientEntityId is an identifier allocated by the client for a company (entity). A clientEntityId is unique case-insensitively across all companies in the client's portfolios. This field is for exact, case-sensitive matches only. Do not use with the clientEntityIdsWildcard filter field. Default = null |
clientEntityIdsWildcard - [String!]
|
A clientEntityId is an identifier allocated by the client for a company (entity). A clientEntityId is unique case-insensitively across all companies in the client's portfolios. This field is for partial, case-insensitive matches. Do not use with the clientEntityIds filter field. Default = null |
primaryNames - [String!]
|
Filter by primary name of company with wildcard matching. Default = null |
primaryDomains - [String!]
|
Filter by primary domain of company with wildcard matching. Default = null |
industryCodes - [String]
|
Filter by the industry code of company (integer format). Default = null |
industryDescriptions - [String]
|
Filter by the industry description of the company with wildcard matching. Default = null |
riskScoreMin - Float
|
Filter by minimum overall risk score (riskScore.score) for companies, which can be from 0 to 100, or null if not scored. NOTE: setting this field, even to 0, restricts results to companies that have a score; companies with a null (unscored) score are filtered out (a null score is not treated as 0). Leave it unset (null) to include unscored companies. Default = null |
riskScoreMax - Float
|
Filter by maximum overall risk score (riskScore.score) for companies, which can be from 0 to 100, or null if not scored. NOTE: setting this field (even to 100) restricts results to companies that have a score; companies with a null (unscored) score are filtered out. Leave it unset (null) to include unscored companies. Default = null |
Example
{
"bvids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"bvidsToExclude": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"attributes": ["xyz789"],
"clientEntityIds": ["abc123"],
"clientEntityIdsWildcard": ["abc123"],
"primaryNames": ["xyz789"],
"primaryDomains": ["abc123"],
"industryCodes": ["xyz789"],
"industryDescriptions": ["xyz789"],
"riskScoreMin": 123.45,
"riskScoreMax": 987.65
}
ScreenedCompanyInfo
Description
This is the holder for cyber-screened companies, from a screenedCompanyInfo query, with pagination and counts
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int64!
|
Count of companies matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of companies returned |
companies - [ScreenedCompany!]
|
Companies under cyber-screening |
Example
{
"offset": 123,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"companies": [ScreenedCompany]
}
ScreenedCompanyResponse
Description
Response to a mutation on ScreenedCompany
Fields
| Field Name | Description |
|---|---|
code - Int!
|
HTTP response code |
message - String!
|
Error or success message |
success - Boolean!
|
Whether the mutation was successful |
company - ScreenedCompany
|
Company that was updated |
Example
{
"code": 987,
"message": "abc123",
"success": false,
"company": ScreenedCompany
}
ScreenedCompanySortBy
Fields
| Input Field | Description |
|---|---|
field - ScreenedCompanySorts!
|
|
direction - SortDirection
|
Example
{"field": "bvid", "direction": "asc"}
ScreenedCompanySorts
Description
Fields available by which to sort cyber-screened companies; default: addedCSTS/desc
Values
| Enum Value | Description |
|---|---|
|
|
The unique BlueVoyant identifier (BV ID) of the company. |
|
|
Primary name of the company |
|
|
Primary domain associated with the company |
|
|
The company's industry description |
|
|
The overall company score (riskScore.score). Companies that have no score (a null score) are not treated as 0; they are sorted separately: with ascending (asc) sort order they appear first (before all scored companies), and with descending (desc) sort order they appear last (after all scored companies). To exclude unscored companies entirely, set a riskScoreMin (and/or riskScoreMax) on the filter, which removes null-scored companies from the results. |
|
|
When company was added to Cyber Screening |
Example
"bvid"
SecurityDevice
Description
Information about a security device found in a footprint
Example
{
"ip": "abc123",
"averageTotalResolutionPerDay": 987,
"resolutionDiversity": 123,
"lastUpdated": "xyz789"
}
SecurityDeviceInfo
Description
A collection of security devices organized by finding code. Includes finding code's description, summary, and assessment date.
Fields
| Field Name | Description |
|---|---|
summary - String
|
A brief summary of the finding code |
description - String
|
A description of what the finding code is. |
assessmentDateEnd - String
|
The most recent assessment date |
findingCode - Int64
|
The finding code of these vendor discoveries. |
devices - [SecurityDevice]
|
List of devices of a specific finding code |
Example
{
"summary": "abc123",
"description": "xyz789",
"assessmentDateEnd": "abc123",
"findingCode": 123,
"devices": [SecurityDevice]
}
ServiceAttribute
Description
A service attribute/license associated with a company (or portfolio)
Example
{
"id": 123,
"name": "xyz789",
"licenseKey": "xyz789",
"productName": "abc123"
}
ServiceSetup
Description
A client's service, associated quotas, and current usage
Fields
| Field Name | Description |
|---|---|
name - String!
|
The name of the service |
licenseKey - String
|
A fixed key/name for the license (product) associated with the service |
productName - String
|
The name of the license (product) associated with the service - the display name |
module - String
|
CDP module this service falls under |
enforceCompanyQuota - Boolean!
|
Indicates whether the maximum number of allowed companies for this service (companyQuota) is being enforced |
companyQuota - Int!
|
The maximum number of allowed companies for this service (or the number of licenses when licenses do not depend on companies - see companyBasedLicenseFlag) |
companyCount - Int
|
The current number of companies for this service subject to the quota (companyQuota); the usage. Only applicable if companyBasedLicenseFlag=true |
enforceCompanyChurn - Boolean!
|
Indicates whether the maximum churn rate for companies ((1 + companyChurnPercent/100) * companyQuota) for this service is being enforced. Only applicable if companyBasedLicenseFlag=true |
companyChurnPercent - Float!
|
The churn rate for companies for this service as a percentage, e.g. if companyChurnPercent is 5, companyChurnCount cannot exceed (1 + companyChurnPercent/100) * companyQuota during the last companyChurnDays if enforceEntityChurn is true, so if companyQuota is 100 and companyChurnDays is 90, up to 105 different companies can be swapped in and out of this service during any 90-day period. Only applicable if companyBasedLicenseFlag=true |
companyChurnDays - Int!
|
The period in days over which the churn rate for this service (companyChurnPercent) applies. Only applicable if companyBasedLicenseFlag=true |
companyChurnCount - Int
|
The current number of distinct companies that were in this service at any time during the latest churn period (not including any companies that remained in portfolios for less than 24 hours). Only applicable if companyBasedLicenseFlag=true |
enforceMaxCompanyAdditions - Boolean!
|
Indicates whether the maximum number of additions of companies (maxEntityAdditions) during the additions period (companyAdditionsDays) across this service is being enforced. Only applicable if companyBasedLicenseFlag=true |
maxCompanyAdditions - Int!
|
The maximum number of distinct companies that can be added to this service during the additions period (companyAdditionsDays). Only applicable if companyBasedLicenseFlag=true |
companyAdditionsDays - Int!
|
The period in days over which the maximum number of distinct companies added for this service (maxEntityAdditions) applies. Only applicable if companyBasedLicenseFlag=true |
companyAdditionsCount - Int
|
The current number of distinct companies added to this service at any time during the latest additions period (not including any companies that remained in portfolios for less than 24 hours). Only applicable if companyBasedLicenseFlag=true |
excludeMyCompany - Boolean!
|
If excludeMyCompany is true and the "My Company" company (the bvid field) is present, it is not subject to quotas (companyCount), churn rate (companyChurnCount), or maximum additions (companyAdditionsCounts) limits. Only applicable if companyBasedLicenseFlag=true |
companyBasedLicenseFlag - Boolean!
|
Whether the license count (companyQuota field) indicates a number of companies, or just a count, e.g. of reports that can be run |
Example
{
"name": "xyz789",
"licenseKey": "xyz789",
"productName": "xyz789",
"module": "abc123",
"enforceCompanyQuota": true,
"companyQuota": 123,
"companyCount": 123,
"enforceCompanyChurn": false,
"companyChurnPercent": 123.45,
"companyChurnDays": 987,
"companyChurnCount": 987,
"enforceMaxCompanyAdditions": true,
"maxCompanyAdditions": 123,
"companyAdditionsDays": 123,
"companyAdditionsCount": 987,
"excludeMyCompany": true,
"companyBasedLicenseFlag": true
}
SortDirection
Description
Direction to sort (ascending or descending)
Values
| Enum Value | Description |
|---|---|
|
|
Ascending order, nulls first |
|
|
Descending order, nulls last |
Example
"asc"
String
Description
The String scalar type represents textual data, represented as UTF-8 character sequences. The String type is most often used by GraphQL to represent free-form human-readable text.
Example
"abc123"
Subdomain
SummarizedSortDirection
Values
| Enum Value | Description |
|---|---|
|
|
Ascending order, nulls first |
|
|
Descending order, nulls last |
Example
"asc"
TagInfo
ThirdPartyDisposition
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"NotAPriority"
Time
Description
A date or time
Example
"-"
TimeSeries
Description
A series of date/timestamps and associated values within the specified date range associated with an AvailableTimeSeries object and returned by a timeseries query
Fields
| Field Name | Description |
|---|---|
startDate - String!
|
The start of the date range. Date is in 'YYYY-MM-DD' format |
endDate - String!
|
The end of the date range. Date is in 'YYYY-MM-DD' format |
portfolioUuids - [UUID!]
|
The portfolioUUids used to filter results, if specified |
portfolioType - PortfolioType
|
The portfolioType used to filter results. Only 'external_regular' is allowed |
attributes - [String!]
|
The attributes used to filter results, if specified |
bvids - [UUID!]
|
The BV IDs used to filter results, if specified |
measurements - [Measurement!]!
|
A series of date/timestamps within the specified date range and associated values |
Example
{
"startDate": "2023-01-31",
"endDate": "2023-03-31",
"portfolioUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"portfolioType": "external_regular",
"attributes": ["abc123"],
"bvids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"measurements": [Measurement]
}
TopTenInfo
Description
A collection of fourth party exposure organized by finding code. Includes finding code's description, summary, and assessment date.
Fields
| Field Name | Description |
|---|---|
summary - String
|
A brief summary of the finding code |
description - String
|
A description of what the finding code is. |
assessmentDateEnd - String
|
The most recent assessment date |
findingCode - Int64
|
The finding code of these vendor discoveries. |
assets - [Asset]
|
List of exposures of a specific finding code |
Example
{
"summary": "xyz789",
"description": "xyz789",
"assessmentDateEnd": "xyz789",
"findingCode": 123,
"assets": [Asset]
}
TopVendorByCategory
TopVendorsByCategoryInfo
Fields
| Field Name | Description |
|---|---|
topVendorsByCategory - [TopVendorByCategory!]
|
Returns the top three occurrence vendors per category for the client. |
category - String!
|
The category we are checking the top occurrence of vendors for. |
Example
{
"topVendorsByCategory": [TopVendorByCategory],
"category": "abc123"
}
UUID
Description
A UUID is a 128 bit (16 byte) Universal Unique IDentifier as defined in RFC 4122.
Example
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
User
Description
CDP or TPRM portal/API user, that is part of the UserInfo type returned by the userInfo query, and is returned by the myUser query and user-related mutations, and is part of the Role type.
Fields
| Field Name | Description |
|---|---|
uuid - UUID!
|
User's UUID |
username - String!
|
Login/username (must be an email address) |
firstName - String!
|
First name |
lastName - String!
|
Last name |
email - String!
|
Email address |
status - UserStatus!
|
Okta status. Users must have ACTIVE status to use the portal. |
userType - String!
|
Okta user type |
userCategory - UserCategory!
|
User category (External/External_Test/Internal). External (non-BlueVoyant) users are only allowed to view other external users |
userClass - UserClass!
|
User class (Client/Monitored_Company). Monitored_Company users are only allowed to see the company in the bvid field |
bvid - UUID
|
BV ID for the company that user is allowed to view if user is a Monitored_Company user |
primaryName - String
|
Primary name of the company that user is allowed to view if user is a Monitored_Company user (has bvid field set) |
jobTitle - String
|
Job title |
businessPhoneNumber - String
|
Primary/business phone number |
mobilePhoneNumber - String
|
Mobile phone number |
ssoManagedFlag - Boolean!
|
Whether the user is under SSO management. If so, most user fields cannot be changed from this API. |
lastLoginTS - String
|
Last time user logged in with Okta (to portal) |
createdTS - String!
|
Timestamp when created |
updatedTS - String!
|
Timestamp when last updated |
createdBy - String!
|
Username that created this item (in the db) |
updatedBy - String!
|
Username that last updated this item (in the db) |
realmId - String
|
CDP realm |
hasScd - Boolean!
|
Use 'hasTPRM' |
hasTPRM - Boolean!
|
Whether the user has access to TPRM |
roles - [Role!]
|
TPRM roles that the user has |
groups - [Group!]
|
Okta groups that the user has |
functions - [Function!]
|
TPRM functions that the user has access to in the portal/API for the current client |
temporaryAdminFlag - Boolean!
|
Whether the user currently has temporary admin privileges from the adminOn mutation for the current client. This will be false if the user has a permanent admin role. |
temporaryAdminExpirationTS - String
|
The expiration time if the user currently has temporary admin privileges from the adminOn mutation for the current client. This will not be set if the user has a permanent admin role. |
Example
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"username": "xyz789",
"firstName": "xyz789",
"lastName": "abc123",
"email": "abc123",
"status": "STAGED",
"userType": "xyz789",
"userCategory": "External",
"userClass": "Client",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "abc123",
"jobTitle": "abc123",
"businessPhoneNumber": "xyz789",
"mobilePhoneNumber": "xyz789",
"ssoManagedFlag": false,
"lastLoginTS": "xyz789",
"createdTS": "abc123",
"updatedTS": "xyz789",
"createdBy": "abc123",
"updatedBy": "xyz789",
"realmId": "abc123",
"hasScd": true,
"hasTPRM": true,
"roles": [Role],
"groups": [Group],
"functions": [Function],
"temporaryAdminFlag": false,
"temporaryAdminExpirationTS": "2023-09-29T18:59:37Z"
}
UserBase
Description
The simpler version of the user object. See UserData for remaining user attributes.
Fields
| Field Name | Description |
|---|---|
uuid - UUID!
|
User's UUID |
username - String!
|
Login/username (must be an email address) |
firstName - String!
|
First name |
lastName - String!
|
Last name |
email - String!
|
Email address |
status - UserStatus!
|
Okta status. Users must have ACTIVE status to use the portal. |
userType - String!
|
Okta user type |
userCategory - UserCategory!
|
User category (External/External_Test/Internal). External (non-BlueVoyant) users are only allowed to view other external users |
userClass - UserClass!
|
User class (Client/Monitored_Company). Monitored_Company users are only allowed to see the company in the bvid field |
bvid - UUID
|
BV ID for the company that user is allowed to view if user is a Monitored_Company user |
primaryName - String
|
Primary name of the company that user is allowed to view if user is a Monitored_Company user (has bvid field set) |
jobTitle - String
|
Job title |
businessPhoneNumber - String
|
Primary/business phone number |
mobilePhoneNumber - String
|
Mobile phone number |
ssoManagedFlag - Boolean!
|
Whether the user is under SSO management. If so, most user fields cannot be changed from this API. |
lastLoginTS - Time
|
Last time user logged in with Okta (to portal) |
createdTS - Time!
|
Timestamp when created |
updatedTS - Time!
|
Timestamp when last updated |
createdBy - String!
|
Username that created this item (in the db) |
updatedBy - String!
|
Username that last updated this item (in the db) |
realmId - String
|
Current CDP realm for this client |
hasScd - Boolean!
|
Use 'hasTPRM' |
hasTPRM - Boolean!
|
Whether the user has access to TPRM |
functions - [Function!]
|
TPRM functions that the user has access to in the portal for this client |
temporaryAdminFlag - Boolean!
|
Whether the user currently has temporary admin privileges from the adminOn mutation for this client. This will be false if the user has a permanent admin role. |
temporaryAdminExpirationTS - Time
|
The expiration time if the user currently has temporary admin privileges from the adminOn mutation for this client. This will not be set if the user has a permanent admin role. |
Example
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"username": "xyz789",
"firstName": "xyz789",
"lastName": "xyz789",
"email": "xyz789",
"status": "STAGED",
"userType": "xyz789",
"userCategory": "External",
"userClass": "Client",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "xyz789",
"jobTitle": "xyz789",
"businessPhoneNumber": "abc123",
"mobilePhoneNumber": "abc123",
"ssoManagedFlag": false,
"lastLoginTS": "-",
"createdTS": "-",
"updatedTS": "-",
"createdBy": "abc123",
"updatedBy": "abc123",
"realmId": "abc123",
"hasScd": false,
"hasTPRM": false,
"functions": [Function],
"temporaryAdminFlag": true,
"temporaryAdminExpirationTS": "2023-09-29T18:59:37Z"
}
UserBaseInfo
Description
This is the holder for users (base user only), with pagination and counts.
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int!
|
Count of users matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of users returned |
users - [UserBase!]
|
CDP or TPRM portal/API users |
Example
{
"offset": 987,
"limit": 123,
"totalCount": 987,
"pageLength": 123,
"users": [UserBase]
}
UserBulkUpdateResponse
Description
Result of a bulk update to users (assigning/removing role groups)
Fields
| Field Name | Description |
|---|---|
succeededCount - Int!
|
Number of users for which updates succeeded |
failedCount - Int!
|
Number of users for which updates failed |
statuses - [UserBulkUpdateStatus!]
|
Holds status/message response for role group bulk user updates, with one item per status/message |
Example
{
"succeededCount": 123,
"failedCount": 987,
"statuses": [UserBulkUpdateStatus]
}
UserBulkUpdateStatus
Description
Statuses for a bulk update to users
Example
{
"uuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"status": 987,
"message": "abc123"
}
UserCategory
Description
User categories, which are part of the User type and the UserFilter filter
Values
| Enum Value | Description |
|---|---|
|
|
User is associated with a client. External users are only allowed to view other external users |
|
|
User is a test user, which behaves more or less like an external user |
|
|
User is internal to BlueVoyant |
Example
"External"
UserClass
Description
User classes, which are part of the User type and the UserFilter filter
Values
| Enum Value | Description |
|---|---|
|
|
User is a regular client user |
|
|
User is limited to viewing a single company |
Example
"Client"
UserClientAdd
Description
Input to add a new client to an existing TPRM portal user (if user does not have a client) from userClientAdd. This endpoint is limited to superadmins.
Example
{
"userUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"roleUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
]
}
UserClientDelete
Description
Input to remove the client (if it's the only one) from an existing TPRM portal user from userClientDelete (for instance if the user should no longer have TPRM portal access, but should keep access to other BlueVoyant portals). Admins may not specify the clientUuid.
Example
{
"userUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
UserClientRoles
Description
A TPRM client, its associated TPRM roles, TPRM role groups, and TPRM resource permissions for a user
Fields
| Field Name | Description |
|---|---|
client - ClientMini!
|
Client associated with the user |
roles - [Role!]
|
TPRM roles associated with the user and client |
roleGroups - [RoleGroupDataRolesOnly!]
|
TPRM role groups associated with the user and client |
resourcePermissions - [UserResourcePermission!]
|
TPRM resource permissions associated with the user and client |
Example
{
"client": ClientMini,
"roles": [Role],
"roleGroups": [RoleGroupDataRolesOnly],
"resourcePermissions": [UserResourcePermission]
}
UserClientSetDefault
Description
Input to set the default client for a TPRM portal user from userClientSetDefault. Admins can set only the userUuid. Non-admin users may not set any arguments.
Example
{
"userUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"clientUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
}
UserClients
Description
A CDP/TPRM user with its TPRM clients
Fields
| Field Name | Description |
|---|---|
user - User!
|
Note that functions and TPRM roles under this user object are only for the calling client. Look at clients->roles to see all TPRM roles across all clients for the user. |
clients - [UserClientRoles!]
|
TPRM joles, role groups, and resource permissions for the user, per TPRM client |
Example
{
"user": User,
"clients": [UserClientRoles]
}
UserData
Description
The container for a UserBase plus subobjects
Fields
| Field Name | Description |
|---|---|
user - UserBase!
|
Simplified user object |
roles - [RoleBase!]
|
TPRM roles that the user has |
roleGroups - [RoleGroupDataRolesOnly!]
|
TPRM role groups that the user has |
groups - [Group!]
|
Okta groups that the user has |
resourcePermissions - [UserResourcePermission!]
|
TPRM resource permissions that the user has |
Example
{
"user": UserBase,
"roles": [RoleBase],
"roleGroups": [RoleGroupDataRolesOnly],
"groups": [Group],
"resourcePermissions": [UserResourcePermission]
}
UserFilter
Description
Filter users in the userInfo query
Fields
| Input Field | Description |
|---|---|
uuids - [UUID!]
|
Filter users by one or more IDs in UUID format. Default = null |
usernames - [String!]
|
Filter users by one or more usernames. Default = null |
usernamesWildcard - [String!]
|
Filter users by one or more usernames, with wildcard matching. Default = null |
firstNames - [String!]
|
Filter users by one or more first names, with wildcard matching. Default = null |
lastNames - [String!]
|
Filter users by one or more last names, with wildcard matching. Default = null |
statuses - [UserStatus!]
|
Filter users by one or more Okta statuses. Default = null |
userCategories - [UserCategory!]
|
Filter users by one or more user categories. External users (those associated with a client), can only see 'External' users. Any other values are ignored. Default is null (display all users) for users in the 'Internal' category. Default = null |
userClasses - [UserClass!]
|
Filter users by one or more user classes. Default is 'Client' for users in the 'External' category (those associated with a client). Default is null (display all users) for users in the 'Internal' category. Default = null |
allUsersFlag - Boolean
|
If true, get all users (CDP users), not just TPRM users, which is the default behavior |
sortBy - [UserSortBy]
|
Sort returned users by specified fields and directions |
Example
{
"uuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"usernames": ["abc123"],
"usernamesWildcard": ["abc123"],
"firstNames": ["abc123"],
"lastNames": ["xyz789"],
"statuses": ["STAGED"],
"userCategories": ["External"],
"userClasses": ["Client"],
"allUsersFlag": true,
"sortBy": [UserSortBy]
}
UserGroupsToUpdate
Description
Input to update user's Okta groups
Example
{
"userUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"groupUuidsToAdd": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"groupUuidsToDelete": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
]
}
UserInfo
Description
This is the holder for users, with pagination and counts. Returned by the userInfo query
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int!
|
Count of users matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of users returned |
users - [User!]
|
CDP or TPRM portal/API users Use userData |
userData - [UserData!]
|
CDP or TPRM portal/API users |
Example
{
"offset": 987,
"limit": 123,
"totalCount": 987,
"pageLength": 987,
"users": [User],
"userData": [UserData]
}
UserResourceAllowedAction
Description
Allowed actions on individual resources, or all resources of the specified resource type, in UserResourcePermission. Allowed actions can only narrow the access provided by the user's role policy permissions, not broaden it. For instance, granting 'update' access to a company when the policy permission only allows the user to view companies will only have the effect of granting 'view' access to the company (because access to GraphQL operations that update the company are prohibited by the policy permissions).
Values
| Enum Value | Description |
|---|---|
|
|
Individual resource or all resources of the associated resource type can only be viewed (if permitted by the user's role policy permissions). The specified companies, or companies within the specified group (the portfolio or attribute) can be viewed. |
|
|
Individual resource or all resources of the associated resource type can be updated or viewed (if permitted by the user's role policy permissions) |
|
|
Individual resource or all resources of the associated resource type can be managed (if permitted by the user's role policy permissions). In other words, if a portfolio is specified, the portfolio can be updated, and companies can be added to or removed from the portfolio. If an attribute is specified, the attribute can be added or removed from companies. Also, all companies associated with the group (the portfolio or attribute) can be updated or viewed. If a bvid is specified, this is the equivalent of 'update'. |
|
|
Individual resource or all resources of the associated resource type has all access permitted by the user's role policy permissions. This is the value that should be used unless you need to provide a mix of higher and lower accesses within a higher-level role (e.g. manager). |
Example
"view"
UserResourcePermission
Description
Resource permission associated with a user. Resource permissions control access to individual resources - portfolios, attributes, and companies - by an associated property (portfolioUuid, attribute, or bvid), or allow access to all resources of a type, at a particular action level (view/update/manage/default). Resource permissions can only maintain or further narrow the access granted by a user's RolePolicyPermissions, never broaden it.
Fields
| Field Name | Description |
|---|---|
id - Int!
|
Resource permission ID |
description - String!
|
Description of resource permission |
resourceType - UserResourceType!
|
Resource type that can be accessed (companyGroup) |
allFlag - Boolean!
|
Can access all resources of this type if true |
propertyType - UserResourcePropertyType
|
Property type used to control access to resource (will be null if allFlag is true) (portfolioUuid, attribute, bvid). |
propertyValue - String
|
Property value used to control access to resource (will be null if allFlag is true). The value associated with the property type, e.g. an individual portfolio UUID, attribute, or BV ID |
allowedAction - UserResourceAllowedAction!
|
Allowed action on the resource (view/update/manage/default) (if permitted by role policy permission) |
createdTS - Time!
|
Timestamp when created |
updatedTS - Time!
|
Timestamp when last updated |
createdBy - String!
|
Username that created this item |
updatedBy - String!
|
Username that last updated this item |
inactiveFlag - Boolean!
|
If true, permission is inactive |
Example
{
"id": 123,
"description": "xyz789",
"resourceType": "companyGroup",
"allFlag": false,
"propertyType": "portfolioUuid",
"propertyValue": "abc123",
"allowedAction": "view",
"createdTS": "-",
"updatedTS": "-",
"createdBy": "xyz789",
"updatedBy": "abc123",
"inactiveFlag": false
}
UserResourcePermissionLookup
Description
Resource permission associated with users - controls access to individual resources (companyGroup) by a property (portfolioUuid, attribute, bvid), or allows access to all resources of a type. This object is used to add resource permissions to users. The resource permission can be created on the fly (or looked up by its values), or the ID of an existing permission can be provided.
Provide one of the following sets of fields::
- ID only
- resourceType, allowedAction, allFlag=true
- resourceType, allowedAction, allFlag=false, propertyType, propertyValue
Fields
| Input Field | Description |
|---|---|
id - Int
|
Resource permission ID - if known, include only this field |
resourceType - UserResourceType
|
Resource type that can be accessed (companyGroup) - required unless ID is provided |
allFlag - Boolean
|
Can access all resources of this type if true |
propertyType - UserResourcePropertyType
|
Property type used to control access to resource (must be null if allFlag is true, required otherwise, unless ID is provided). Values: portfolioUuid, attribute, bvid. |
propertyValue - String
|
Property value used to control access to resource (must be null if allFlag is true, required otherwise, unless ID is provided) |
allowedAction - UserResourceAllowedAction
|
Allowed action on the resource (view/update/manage/default) - required unless ID is provided |
Example
{
"id": 987,
"resourceType": "companyGroup",
"allFlag": true,
"propertyType": "portfolioUuid",
"propertyValue": "xyz789",
"allowedAction": "view"
}
UserResourcePropertyType
Description
Property types in UserResourcePermission. Access to a resource type can be limited by a property of the resource.
Values
| Enum Value | Description |
|---|---|
|
|
Portfolio UUID - for a companyGroup resource type, the resource is the portfolio itself and all the companies within it |
|
|
Client-provided attribute - for a companyGroup resource type, the resource is the attribute itsef and all the companies associated with it |
|
|
Company ID - for a companyGroup resource type, this indicates access to one individual company |
Example
"portfolioUuid"
UserResourceType
Description
Resource types in user resource permissions. These are the objects that can be viewed or acted upon.
Values
| Enum Value | Description |
|---|---|
|
|
A company group is a group of companies (or a single company) described by its property value and type. A group of companies is indicated by either a portfolio attribute, or a single company by its BV ID. |
Example
"companyGroup"
UserResponse
Description
Response to a mutation on a user
Example
{
"code": 123,
"message": "xyz789",
"success": true,
"userData": UserData
}
UserRolesToUpdate
Description
Deprecated. Use the userRolesUpdateV1 mutation and the UserRolesToUpdateV1 type.
Fields
| Input Field | Description |
|---|---|
userUuid - UUID!
|
Must specify the user UUID to be updated |
roleUuidsToAdd - [UUID!]
|
IDs of TPRM roles to add to user (in UUID format) |
roleUuidsToDelete - [UUID!]
|
IDs of TPRM roles to delete from the user (in UUID format) |
replaceAllRolesFlag - Boolean
|
If specified, replace all the user's TPRM roles with those in roleUuidsToAdd |
Example
{
"userUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"roleUuidsToAdd": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"roleUuidsToDelete": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"replaceAllRolesFlag": true
}
UserRolesToUpdateV1
Description
Input to update user's TPRM roles and/or resource permissions
Fields
| Input Field | Description |
|---|---|
userUuid - UUID!
|
Must specify the user UUID to be updated |
roleUuidsToAdd - [UUID!]
|
IDs of TPRM roles to add to user (in UUID format) |
roleUuidsToDelete - [UUID!]
|
IDs of TPRM roles to delete from the user (in UUID format) |
replaceAllRolesFlag - Boolean
|
If specified, replace all the user's TPRM roles with those in roleUuidsToAdd |
resourcePermissionsToAdd - [UserResourcePermissionLookup!]
|
Resource permissions to add to the user |
resourcePermissionsToDelete - [UserResourcePermissionLookup!]
|
Resource permissions to delete from the user |
replaceAllResourcePermissionsFlag - Boolean
|
If specified, replace all the user's resource permissions with those in resourcePermissionsToAdd |
Example
{
"userUuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"roleUuidsToAdd": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"roleUuidsToDelete": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"replaceAllRolesFlag": false,
"resourcePermissionsToAdd": [
UserResourcePermissionLookup
],
"resourcePermissionsToDelete": [
UserResourcePermissionLookup
],
"replaceAllResourcePermissionsFlag": true
}
UserSortBy
Description
Sort users in the UserFilter type
Fields
| Input Field | Description |
|---|---|
field - UserSorts!
|
Field by which to sort users |
direction - SortDirection
|
Direction in which to sort users (asc/desc). Default = asc |
Example
{"field": "uuid", "direction": "asc"}
UserSorts
Description
Fields available in the UserSortBy type by which to sort users; default: uuid/asc
Values
| Enum Value | Description |
|---|---|
|
|
User's ID in UUID format |
|
|
User's username/login |
|
|
User's first name |
|
|
User's last name |
|
|
User's email address |
|
|
User's job title |
|
|
User's Okta status - sorted according to the order specifed in UserStatus |
|
|
User's category - sorted according to the order specifed in UserCategory. External users can only view other external users |
|
|
User's class - sorted according to the order specifed in UserClass |
|
|
The primary name associated with the company in the bvid field, if user has Monitored_Company class |
|
|
Last time user logged in with Okta (to portal) |
|
|
Timestamp when created |
|
|
Timestamp when last updated |
Example
"uuid"
UserStatus
Description
User OKTA statuses
Values
| Enum Value | Description |
|---|---|
|
|
User has been created but not activated |
|
|
User has been activated but has not completed the activation/welcome flow |
|
|
User is active and has access to the system |
|
|
User's password has been reset but user has not completed reset flow |
|
|
User is locked out after too many incorrect password attempts |
|
|
User's password is expired and user must change it at the next login |
|
|
User has been prevented from logging in |
|
|
User has been deactivated and removed from assigned applications |
Example
"STAGED"
UserToAdd
Description
Deprecated. Use the userCreateV1 mutation and the UserToAddV1 type.
Fields
| Input Field | Description |
|---|---|
firstName - String!
|
First name |
lastName - String!
|
Last name |
username - String!
|
Login/username (must be an email address) |
email - String
|
Email address (normally the same as username) |
jobTitle - String
|
Job title |
businessPhoneNumber - String
|
Primary/business phone number |
mobilePhoneNumber - String
|
Mobile phone number |
roleUuids - [UUID!]!
|
Role UUIDs - one or more TPRM role UUIDs that the user should have |
groupUuids - [UUID!]
|
Group UUIDs - zero or more Okta group UUIDs that user should have |
realmId - String
|
Deprecated. The user will be created with the realm ID or client UUID from the URL. |
Example
{
"firstName": "xyz789",
"lastName": "xyz789",
"username": "abc123",
"email": "abc123",
"jobTitle": "abc123",
"businessPhoneNumber": "abc123",
"mobilePhoneNumber": "abc123",
"roleUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"groupUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"realmId": "xyz789"
}
UserToAddV1
Description
Input to create new CDP or TPRM user with the userCreateV1 mutation
Fields
| Input Field | Description |
|---|---|
firstName - String!
|
First name |
lastName - String!
|
Last name |
username - String!
|
Login/username (must be an email address) |
email - String
|
Email address (normally the same as username) |
jobTitle - String
|
Job title |
businessPhoneNumber - String
|
Primary/business phone number |
mobilePhoneNumber - String
|
Mobile phone number |
roleUuids - [UUID!]
|
Role UUIDs - one or more TPRM role UUIDs that the user should have. cdpOnly users must have no roles. |
resourcePermissions - [UserResourcePermissionLookup!]
|
Resource permissions - zero or more TPRM resource permissions that the user should have. Defaults to all if not provided, and user has TPRM. cdpOnly users must have no resource permissions. |
groupUuids - [UUID!]
|
Group UUIDs - zero or more Okta group UUIDs that user should have |
Example
{
"firstName": "abc123",
"lastName": "abc123",
"username": "xyz789",
"email": "abc123",
"jobTitle": "xyz789",
"businessPhoneNumber": "xyz789",
"mobilePhoneNumber": "xyz789",
"roleUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
],
"resourcePermissions": [UserResourcePermissionLookup],
"groupUuids": [
"e89c6ede-bfcb-42b8-8ab4-6ff64d080db1"
]
}
UserToUpdate
Description
Input to update portal/TPRM API user
Fields
| Input Field | Description |
|---|---|
uuid - UUID!
|
Must specify the UUID to be updated |
firstName - String
|
First name |
lastName - String
|
Last name |
username - String
|
Login/username (must be an email address) |
email - String
|
Email address (normally the same as username) |
jobTitle - String
|
Job title |
businessPhoneNumber - String
|
Primary/business phone number |
mobilePhoneNumber - String
|
Mobile phone number |
Example
{
"uuid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"firstName": "abc123",
"lastName": "abc123",
"username": "xyz789",
"email": "xyz789",
"jobTitle": "abc123",
"businessPhoneNumber": "abc123",
"mobilePhoneNumber": "xyz789"
}
VendorContact
Description
Vendor contacts are contacts AT the vendor/monitored company who receive escalations
Fields
| Field Name | Description |
|---|---|
id - Int!
|
|
contactName - String!
|
Full name of contact |
firstName - String!
|
Use 'contactName' |
lastName - String!
|
Use 'contactName' |
email - String!
|
Contact's email address - unique for the client and BV ID |
jobTitle - String!
|
Contact's job title |
businessPhoneNumber - String!
|
Contact's phone number |
bvid - UUID!
|
BV ID of the company for which contact receives escalations |
primaryName - String!
|
Primary name of the company for which contact received escalations |
escalationPreference - AddressType!
|
Recipient field for contact's email address: 'to' or 'cc' (primary/notification) |
addressType - AddressType!
|
Use 'escalationPreference' |
mobilePhoneNumber - String!
|
No longer supported |
customerProvided - Boolean!
|
All contacts displayed here are provided by the client |
requirePortalProvision - Boolean!
|
No longer supported |
source - String
|
No longer supported |
createdTS - String!
|
Timestamp when created |
updatedTS - String!
|
Timestamp when last updated |
createdBy - String!
|
Username that created this item |
updatedBy - String!
|
Username that last updated this item |
Example
{
"id": 987,
"contactName": "abc123",
"firstName": "abc123",
"lastName": "xyz789",
"email": "abc123",
"jobTitle": "xyz789",
"businessPhoneNumber": "abc123",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"primaryName": "xyz789",
"escalationPreference": "to",
"addressType": "to",
"mobilePhoneNumber": "xyz789",
"customerProvided": false,
"requirePortalProvision": true,
"source": "xyz789",
"createdTS": "xyz789",
"updatedTS": "xyz789",
"createdBy": "abc123",
"updatedBy": "xyz789"
}
VendorContactInfo
Fields
| Field Name | Description |
|---|---|
offset - Int!
|
Offset and limit echo back the parameters |
limit - Int
|
Limit and offset echo back the parameters |
totalCount - Int!
|
Count of contacts matching filter regardless of whether they fit within limit |
pageLength - Int!
|
Count of contacts returned |
vendorContacts - [VendorContact!]
|
Vendor contacts in the client's portfolios |
Example
{
"offset": 987,
"limit": 123,
"totalCount": 123,
"pageLength": 987,
"vendorContacts": [VendorContact]
}
VendorContactToAdd
Description
Input to create a new vendor contact - a contact AT the vendor/monitored company who receives escalations
Fields
| Input Field | Description |
|---|---|
contactName - String!
|
Full name of contact |
email - String!
|
Contact's email address - unique for the client and BV ID |
businessPhoneNumber - String
|
Contact's phone number |
jobTitle - String
|
Contact's job title |
bvid - UUID!
|
BV ID of the company for which contact receives escalations |
escalationPreference - AddressType!
|
Recipient field for contact's email address: 'to' or 'cc' (primary/notification) |
Example
{
"contactName": "abc123",
"email": "xyz789",
"businessPhoneNumber": "xyz789",
"jobTitle": "abc123",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"escalationPreference": "to"
}
VendorContactToUpdate
Description
Input to update a vendor contact - contact AT the vendor/monitored company who receives escalations
Fields
| Input Field | Description |
|---|---|
id - Int!
|
|
contactName - String
|
Full name of contact |
businessPhoneNumber - String
|
Contact's phone number |
jobTitle - String
|
Contact's job title |
bvid - UUID
|
BV ID of the company for which contact receives escalations |
escalationPreference - AddressType
|
Recipient field for contact's email address: 'to' or 'cc' (primary/notification) |
Example
{
"id": 123,
"contactName": "abc123",
"businessPhoneNumber": "abc123",
"jobTitle": "xyz789",
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"escalationPreference": "to"
}
VendorDependency
Fields
| Field Name | Description |
|---|---|
bvid - UUID
|
The unique BlueVoyant identifier (BV ID) of the company. |
findingCode - Int64
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
category - String
|
The category the of the specific vendor product (Endpoint Security, Email Security, Network Security, etc). |
vendor - String
|
The name of the vendor. |
product - String
|
The name of the product that the vendor is providing. |
updatedTS - Time
|
The timestamp for when this entry was created or updated last. |
company - CompanyByService
|
Company for each vendor dependency |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"findingCode": 123,
"category": "xyz789",
"vendor": "xyz789",
"product": "abc123",
"updatedTS": "2024-02-06T20:24:21Z",
"company": Company
}
VendorDependencyCountFilter
Description
The additional filters to use for vendor dependency per-type counts (besides the portfolio/attribute/BV ID ones in the insightsInfo query).
Fields
| Input Field | Description |
|---|---|
categories - [String!]
|
The categories to filter on (with exact, case-sensitive matching) |
categoriesWildcard - [String!]
|
The categories to filter on (with wildcard matching) |
vendors - [String!]
|
The software/hardware vendors to filter on (with exact, case-sensitive matching) |
vendorsWildcard - [String!]
|
The software/hardware vendors to filter on (with wildcard matching) |
products - [String!]
|
The products to filter on (with exact, case-sensitive matching) |
productsWildcard - [String!]
|
The products to filter on (with wildcard matching) |
Example
{
"categories": ["abc123"],
"categoriesWildcard": ["xyz789"],
"vendors": ["xyz789"],
"vendorsWildcard": ["xyz789"],
"products": ["abc123"],
"productsWildcard": ["abc123"]
}
VendorDependencyCountsPerCategory
Description
Counts associated with a specific vendor dependency category
Fields
| Field Name | Description |
|---|---|
category - String!
|
The category |
vendorCount - Int64!
|
The number of software/hardware vendors associated with this category and filters |
productCount - Int64!
|
The number of products associated with this category and filters |
companyCount - Int64!
|
The number of companies associated with this category and filters |
Example
{
"category": "xyz789",
"vendorCount": 123,
"productCount": 123,
"companyCount": 123
}
VendorDependencyCountsPerCategoryInfo
Description
This is the holder for VendorDependencyCountsPerCategory, from vendorDependencyCountsPerCategory in the insightsInfo query, with pagination and counts
Fields
| Field Name | Description |
|---|---|
totalCount - Int64!
|
Total number of items that match the filters, regardless of limit |
pageLength - Int!
|
The number of items returned |
totalCompanyCount - Int64!
|
Total number of companies that match the filters, regardless of limit |
items - [VendorDependencyCountsPerCategory!]
|
The list of objects returned from the request |
Example
{
"totalCount": 123,
"pageLength": 987,
"totalCompanyCount": 123,
"items": [VendorDependencyCountsPerCategory]
}
VendorDependencyCountsPerProduct
VendorDependencyCountsPerProductInfo
Description
This is the holder for VendorDependencyCountsPerProduct, from vendorDependencyCountsPerProduct in the insightsInfo query, with pagination and counts
Fields
| Field Name | Description |
|---|---|
totalCount - Int64!
|
Total number of items that match the filters, regardless of limit |
pageLength - Int!
|
The number of items returned |
totalCompanyCount - Int64!
|
Total number of companies that match the filters, regardless of limit |
items - [VendorDependencyCountsPerProduct!]
|
The list of objects returned from the request |
Example
{
"totalCount": 123,
"pageLength": 123,
"totalCompanyCount": 123,
"items": [VendorDependencyCountsPerProduct]
}
VendorDependencyCountsPerVendor
Description
Counts associated with a specific vendor dependency software/hardware vendor
Example
{
"vendor": "xyz789",
"productCount": 123,
"companyCount": 123
}
VendorDependencyCountsPerVendorInfo
Description
This is the holder for VendorDependencyCountsPerVendor, from vendorDependencyCountsPerVendor in the insightsInfo query, with pagination and counts
Fields
| Field Name | Description |
|---|---|
totalCount - Int64!
|
Total number of items that match the filters, regardless of limit |
pageLength - Int!
|
The number of items returned |
totalCompanyCount - Int64!
|
Total number of companies that match the filters, regardless of limit |
items - [VendorDependencyCountsPerVendor!]
|
The list of objects returned from the request |
Example
{
"totalCount": 123,
"pageLength": 123,
"totalCompanyCount": 123,
"items": [VendorDependencyCountsPerVendor]
}
VendorDependencyDistinctField
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"product"
VendorDependencyFilter
Fields
| Input Field | Description |
|---|---|
categories - [String!]
|
The category the of the specific vendor product (Endpoint Security, Email Security, Network Security, etc). Exact string matching. |
vendors - [String!]
|
The name of the vendor. Exact string matching. |
products - [String!]
|
The name of the product that the vendor is providing. Exact string matching. |
productsWildcard - [String!]
|
Filters on provided products. Will enforce substring matching. |
vendorsWildcard - [String!]
|
Filters on provided vendors. Will enforce substring matching. |
categoriesWildcard - [String!]
|
Filters on provided categories. Will enforce substring matching. |
company - String
|
The name of the company you would like to filter by. |
Example
{
"categories": ["abc123"],
"vendors": ["abc123"],
"products": ["xyz789"],
"productsWildcard": ["xyz789"],
"vendorsWildcard": ["abc123"],
"categoriesWildcard": ["abc123"],
"company": "xyz789"
}
VendorDependencyGlobalDistinct
Fields
| Field Name | Description |
|---|---|
vendors - [String!]
|
All unique vendors across all clients in vendor dependency v2. |
categories - [String!]!
|
All unique categories across all clients in vendor dependency v2. |
products - [String!]
|
All unique products across all clients in vendor dependency v2. |
Example
{
"vendors": ["abc123"],
"categories": ["abc123"],
"products": ["abc123"]
}
VendorDependencyInfo
Fields
| Field Name | Description |
|---|---|
globalDistinct - VendorDependencyGlobalDistinct
|
This struct contains three of the vendor dependency fields: vendor, category, product. Each field will return all unique values for that field over all clients. Please note that NO filters from insightsInfo or vendorDependencyInfo are applied here. |
topThreeVendorsByCategory - [TopVendorsByCategoryInfo]
|
Returns the top three vendors per category per client. Categories are an exact string match. |
Arguments
|
|
vendorDependencies - [VendorDependency!]
|
A list of all of the vendor dependencies. |
totalCount - Int64!
|
The total number of objects that fit the filter given regardless of limit. |
pageLength - Int!
|
The total amount of objects returned to user. Between zero and the limit provided. |
Example
{
"globalDistinct": VendorDependencyGlobalDistinct,
"topThreeVendorsByCategory": [TopVendorsByCategoryInfo],
"vendorDependencies": [VendorDependency],
"totalCount": 123,
"pageLength": 123
}
VendorDependencyLegacy
Fields
| Field Name | Description |
|---|---|
bvid - UUID
|
The unique BlueVoyant identifier (BV ID) of the company. |
findingCode - Int64
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
vendor - String
|
The name of the vendor. |
updatedTS - Time
|
The timestamp for when this entry was created or updated last. |
company - CompanyByService
|
Company for each vendor dependency |
Example
{
"bvid": "e89c6ede-bfcb-42b8-8ab4-6ff64d080db1",
"findingCode": 123,
"vendor": "xyz789",
"updatedTS": "2024-02-06T20:24:21Z",
"company": Company
}
VendorDependencyLegacyFilter
VendorDependencyLegacyInfo
Fields
| Field Name | Description |
|---|---|
vendorDependencyLegacies - [VendorDependencyLegacy!]
|
A list of all of the vendor dependencies. |
totalCount - Int64!
|
The total number of objects that fit the filter given regardless of limit. |
pageLength - Int!
|
The total amount of objects returned to user. Between zero and the limit provided. |
Example
{
"vendorDependencyLegacies": [VendorDependencyLegacy],
"totalCount": 123,
"pageLength": 123
}
VendorDependencyLegacySort
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Example
"vendor"
VendorDependencyLegacySortBy
Fields
| Input Field | Description |
|---|---|
field - VendorDependencyLegacySort!
|
Field by which to sort vendors. Default = updatedTS |
direction - SortDirection
|
Direction in which to sort users (asc/desc). Default = asc |
Example
{"field": "vendor", "direction": "asc"}
VendorDependencySort
Values
| Enum Value | Description |
|---|---|
|
|
The category associated with the product |
|
|
Name of the vendor providing the product |
|
|
The product detected |
|
|
The time the insight was last updated (process date) |
|
|
Finding code is an integer that represents the specific type of a finding. See the dictionary query and the DataDictionary type. |
|
|
The unique BlueVoyant identifier (BV ID) of the company associated with this insight |
|
|
Primary name of the company |
|
|
Name of the portfolio containing the company |
Example
"category"
VendorDependencySortBy
Fields
| Input Field | Description |
|---|---|
field - VendorDependencySort!
|
Field by which to sort vendors. Default = updatedTS |
direction - SortDirection
|
Direction in which to sort vendors (asc/desc). Default = asc |
Example
{"field": "category", "direction": "asc"}
VendorDiscovery
VendorDiscoveryInsights
Description
Vendor discovery insights have vendor discoveries of a specific finding code, and include its summary, description,
Fields
| Field Name | Description |
|---|---|
summary - String
|
A brief summary of the finding code |
description - String
|
A description of what the finding code is. |
assessmentDateEnd - String
|
The most recent assessment date |
findingCode - Int64
|
The finding code of these vendor discoveries. |
vendorDiscovery - [VendorDiscovery]
|
List of vendor discovery objects of a single finding code |
Example
{
"summary": "xyz789",
"description": "xyz789",
"assessmentDateEnd": "abc123",
"findingCode": 123,
"vendorDiscovery": [VendorDiscovery]
}
VendorSummarizedCountFilter
VendorSummarizedCountInfo
Fields
| Field Name | Description |
|---|---|
totalCount - Int!
|
The total count of objects that match the user's request regardless of how many were returned. |
pageLength - Int!
|
The amount of objects returned to the user. |
items - [VendorSummarizedCounts]
|
The list of objects returned to the user. |
Example
{
"totalCount": 987,
"pageLength": 123,
"items": [VendorSummarizedCounts]
}
VendorSummarizedCountSort
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
Example
"portfolioName"
VendorSummarizedCountSortBy
Fields
| Input Field | Description |
|---|---|
field - VendorSummarizedCountSort!
|
Field by which to sort vendors. Default = portfolioName |
direction - SummarizedSortDirection
|
Direction in which to sort users (asc/desc). Default = asc |
Example
{"field": "portfolioName", "direction": "asc"}
VendorSummarizedCounts
Fields
| Field Name | Description |
|---|---|
portfolio - String!
|
The portfolio of this category/client/portfolio combintation. |
category - String!
|
The category of this category/client/portfolio combintation. |
totalCount - Int!
|
The amount of vendors of this category/client/portfolio combintation. |
vendors - [String!]
|
The vendors of this category/client/portfolio combintation. |
Example
{
"portfolio": "xyz789",
"category": "abc123",
"totalCount": 987,
"vendors": ["xyz789"]
}
WaitingFor
Description
Progress is blocked on this party
Values
| Enum Value | Description |
|---|---|
|
|
|
|
|
|
|
|
|
|
|
Example
"BlueVoyant"