It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Public API Overview

  • Last updated on

This functionality is available only with Barracuda Email Protection Premium and Premium Plus plans. To upgrade to one of these plans, contact your Barracuda Networks Sales Representative. 

The Automatic Remediation and Incident Response RESTful API (beta) provides remote administration and configuration of Incident Response. This article gives a brief description of the API and the API endpoints, with links to details about each endpoint. 

Prerequisites

You must have the following items before you can access the API:  

  1. A Barracuda Cloud Control (BCC) account user credentials. If you do not already have a Barracuda Cloud Control account, see Create a Barracuda Cloud Control Account
  2. A Client ID and Client Secret from a registered application in the Barracuda Token Service at https://login.bts.barracudanetworks.com/register
    For instructions, see Registering your Application in the Barracuda Token Service.
  3. An access token to make API requests. To create an access token, refer to the instructions in Obtaining an Access Token.
    Be sure to specify one or more correct scope values for your Access Token:
    • GET methods require an Access Token with scope forensics:account:read 
    • POST methods require an Access Token with scope forensics:account:write

Barracuda Incident Response API

API EndpointMethodFunction
Get AccountsGET

Retrieves a list of accounts for Barracuda Incident Response.

Get TenantsGET

Retrieves a list of Microsoft 365 tenants connected to a Barracuda Incident Response account.

Create IncidentPOST

Creates an incident for a Microsoft 365 tenant.

Get IncidentGET

Retrieves a single incident using the incident ID.

Get IncidentsGET

Retrieves a list of created incidents for a Microsoft 365 tenant.

Get User-Reported EmailsGET

Retrieves a list of user-reported emails for a Microsoft 365 tenant.


You will often use the following endpoints first, as the information they retrieve is needed in other endpoints:

Tool for Interacting with the API

cURL

cURL is a command line tool for transferring data from or to a remote server via URLs. cURL is pre-installed on many UNIX/Linux platforms and newer Windows platforms. Type curl -V in your favorite shell to see if the tool is installed.

Examples in the endpoint references use cURL commands to send HTTP requests to access, create, and manipulate resources. 

Paging

Endpoints that require paging (Get Incidents and Get User-Reported Emails) include the necessary parameters.