Company logoHelp Center
Visit www.threatlocker.com

/portalAPI/Application/*

6 min. readlast update: 01.31.2025

This article will encompass all portalAPI calls that are related to /portalAPI/Application/* endpoints

 

Be sure to input the instance your organization exists on for each call. This is indicated with the "INSTANCE" text in each endpoint. Linked here is a KB to find your instance:

Locating Your Organization's Instance | ThreatLocker Help Center

 

ApplicationGetResearchDetailsById

https://portalapi.INSTANCE.threatlocker.com/portalapi/Application/ApplicationGetResearchDetailsById

  • Method: GET
  • Description: This API is used when clicking the Modules dropdown on the left side of the ThreatLocker Portal, clicking Application Control, viewing the Applications page, and selecting/clicking on an application that has available research data. This API will get any research data made available by the ThreatLocker Research Team based on the applicationId provided. For instance, for the Adobe Creative Cloud application, the following information/fields will be returned when utilizing this API:
    • productName: This field contains the full name of the product/application. For this example, "Adobe Creative Cloud" will be shown.
    • clientApplicationName: This field is the actual application name in your organization associated with the research details. Applications can vary slightly in name but still be linked to the same research details.
    • productDescription: This field is the description of the application as created by the ThreatLocker Research Team. For Adobe Creative Cloud, the productDescription reads, "A software suite that provides access to a collection of Adobe applications for various creative services including, web development, graphic design, photography, etc."
    • clientDescription: This field contains the description that you have added to the application definition that exists in your organization(s). Assuming the applicationId is for a custom application definition in your organization(s) relating to Adobe Creative Cloud, the clientDescription could read, "This is Adobe Creative Cloud and will contain everything related to Adobe." Note that you are not able to add your own descriptions to any ThreatLocker Built-In Applications, even when they are permitted in your organization(s), as Built-Ins are completely managed by ThreatLocker.
    • osType: This field identifies what operating system the application research details apply to. For this instance of Adobe Creative Cloud, the osType is 1, meaning this information applies to the Adobe Creative Cloud application for Windows computers. Listed below are the osTypes for reference.
      • Windows = 1
      • MAC = 2
      • Linux = 3
      • Windows XP = 5
    • remediationText: This field describes how to limit the potential harm the application can do in your organization(s). For Adobe Creative Cloud, the remediationText reads "Evaluate the need for this software. If it is required for business use, limit access to high-risk applications, files, and the ability to reach out to the internet."
    • potentialRiskStrategyText: This field describes the potential risk strategy/assessment of the application. For Adobe Creative Cloud, the potentialRiskStrategyText reads "Vulnerabilities can result to the compromise of intellectual property, unauthorized access to design projects, and potential manipulation of confidential design data."
    • concernRating: This field contains the concern/risk score of the application and can be used to determine whether some applications are too risky to run in your organization(s). For Adobe Creative Cloud, the concernRating is 3.
    • businessRating: This field contains the score for how relevant/useful the application is for business purposes. For Adobe Creative Cloud, the businessRating is 6.
    • reviewRating: This field contains the combined score calculation of the concern and business scores. This number is generated by taking the concern and business rating, weighting them on a scale, and then using an algorithm to generate the overall combined score. For Adobe Creative Cloud, the reviewRating is 4.
    • countriesWhereCodeCompiled: This field contains a list of the countries where the code is compiled. For Adobe Creative Cloud, the countriesWhereCodeCompiled contains "Romania", "India", and "United States".
    • categories: This field lists the categories the application applies to. For Adobe Creative Cloud, the categories are "Cloud Software" and "Design Software". Other categories include, but are not limited to, "Utility Software", Browser Extension", and "Discontinued Software".
    • accessLevels: This field lists the Ringfencing restrictions that can be/are applied to the application in your organization(s). The "displayName" field contains the type of Ringfencing and the "isProtected" field determines whether the Ringfencing is enabled or not (true or false) for that restriction.
  • Required Body/Parameters
    • Valid APIKey/Authorization Token in header
    • applicationId: This is the Unique Identifier for the application you would like to review the research data for. Only one applicationId can be entered/reviewed at one time.
      • Expects a GUID in format: "00000000-0000-0000-0000-000000000000"
  • Permissions Needed for User
    • Edit Application Control Applications
    • Approve for Entire Organization
    • Approve for Group
    • Approve for Single Computer
    • Approve for Single Computer Application Only
    • View Approvals

 

ApplicationGetForMaintenanceMode

https://portalapi.INSTANCE.threatlocker.com/portalapi/Application/ApplicationGetForMaintenanceMode

  • Method: GET
  • Description: This API is utilized on the Devices page when viewing an individual computer and navigating to the Maintenance tab on the computer sidebar in the ThreatLocker Portal. This API will get all the applications accessible when looking to enable a Maintenance Mode on an endpoint. When selecting to add into an application utilizing a Maintenance Mode, this API will pull the list of all applications available to learn or install into. If looking to view the applications for a different organization than the currently logged in/managed organization, utilize the managedOrganizationId header as described below. This API can be used to analyze the applications in your organization(s) that are available for use with a Maintenance Mode and for analyzing your applications as a whole.
    • NOTE: This will include all the applications the organization and/or currently authenticated user has access to. This will include access to any applicable parent applications and will show in the "label" field when run in the following format: "parentOrganizationName\\parentOrganizationApplicationName".
  • Required Body/Parameters
    • Valid APIKey/Authorization Token in header
  • Optional Body/Parameters
    • OSType: (Defaults to 1)
      • Windows = 1
      • MAC = 2
      • Linux = 3
      • Windows XP = 5
    • In header: "managedOrganizationId": <GUID> in format "00000000-0000-0000-0000-000000000000"

  • Permissions Needed for User

    • Edit Computers
    • Edit Application Control Applications
Was this article helpful?