Getting Started on Omniac Business

Authentication

Thu, 05 Jan 2017 00:00:00 +0000

Our API supports two types of authentication. API keys are easy und straight forward to use, but also less secure since they can be affected by a man-in-the-middle-attack. The more secure approach is to use OAuth with client credential flow. This way we are able to provide you an identity or also to use your identity-provider.

API Key

To use an API Key we need to enable this feature within your tenant. The provided key must be sent with each request using X-API-KEY Header.

Basic Data Structure

Thu, 05 Jan 2017 00:00:00 +0000

This section contains a brief introduction into the data. Every tenant will have multiple profiles, within a profile there will be a list of attributes and alerts.

- * tenant
  |- settings
  |
  |- profiles
     |- profile
     |  |- alerts
     |  |- attributes
     |
     |- profile
     |  |- alerts
     |  |- attributes

OpenAPI Generator

Thu, 05 Jan 2017 00:00:00 +0000

OpenAPI Generator

We recommend using the official OpenAPI Generator to generate the client code. The generator can be found at OpenAPI Generator. It offers various options for generating client libraries in different programming languages. It generates code based on the OpenAPI specification such as functions to invoke the endpoints and types for the request and response bodies.

Client Generation Steps

Download the OpenAPI Specification: Obtain the OpenAPI specification file for omniac Business. This file is YAML format and describes the API endpoints, request parameters, and response structures.
Install OpenAPI Generator: If you haven’t already, install the OpenAPI Generator CLI tool. Consult the OpenAPI Generator documentation for installation instructions.
Generate the Client: Use the OpenAPI Generator CLI to generate the client code. The command typically looks like this:
```
openapi-generator-cli generate -i path/to/openapi.yaml -g <language> -o path/to/output/directory
```
Replace <language> with the desired programming language (e.g., python, java, javascript, etc.) and specify the path to the OpenAPI specification file and the output directory where the generated client code will be saved.

Receive Push Alerts

Thu, 05 Jan 2017 00:00:00 +0000

To get notified even faster, we provide a push api for new alerts. As soon as incidents are found for certain attributes, we will publish the alert into your system. This is done over a HTTP-call. The delivery will marked as done on our side as soon as your api returns a 2xx http status code.

To use this feature, you need to contact us, so we can enable the feature for your tenant.

Encryption in the client

Thu, 05 Jan 2017 00:00:00 +0000

In addition to the option of sending the data to be monitored in plain text to omniac Business, we also offer the option of receiving the data already normalized, encrypted, and hashed. The latter is also the method we recommend, as it ensures that your users’ personal attributes never leave your company context in plain text. The processing steps required for this must be identical to those we perform before using the data to search our data leak database. This procedure is briefly explained below.