The reporting API is designed to enable you to pull reporting data in XML format, suitable for importing into external databases and applications. The data presented is the same as in the session and exit survey reports of the /login administrative interface.
The reporting API is an authenticated API. For instructions on using authenticated APIs using OAuth, see Authenticate to the Remote Support API.
XML data is pulled by sending a simple HTTP request to the Secure Remote Access Appliance. The request can be sent using any HTTPS-capable socket library, scripting language module, or a URL fetcher such as cURL or wget. Either GET or POST may be used as the request method.
Even if your Secure Remote Access Appliance has multiple public sites, all reports return data associated with all public sites unless the request contains a specific parameter to limit the sites pulled.
POST requests must include a "Content-Type: application/x-www-form-urlencoded" HTTP header when supplying parameters in the request body, and the parameters must be url-encoded. Multipart POST requests are not supported.
When making consecutive API calls, you must close the connection after each API call.
The reporting API URL is https://support.example.com/api/reporting.
An XML schema which formally describes the format of the returned reporting data is available at https://support.example.com/api/reporting.xsd.
To run ArchiveListing or Archive reports, ensure that the Enable State Archive API option is checked on the Management > API Configuration page of the /login administrative interface. The state archive API can be enabled independently of other APIs.
The type of report to be generated. Report types can be any of the following:
The reporting API returns XML responses that declare a namespace. If you are parsing these responses with a namespace-aware parser, you will need to set the namespace appropriately or ignore the namespace while parsing the XML.
- Reporting API: https://www.beyondtrust.com/namespaces/API/reporting
The above namespace is returned XML data and is not a functional URL.
Prior to 16.2, a user account was used to authenticate to the API, with the username and password being passed in the request. Starting with 16.2, this method has been deprecated and is not available to new users. Instead, one or more API accounts must be created, with their client IDs and client secrets used to generate OAuth tokens.
For users upgrading from a version prior to 16.2, the option to authenticate to the API with a user account is still available for backwards compatibility. However, it is highly recommended that you use the more secure OAuth method of authentication. If you are unable to switch to OAuth authentication, please follow the API request format described in our Remote Support documentation archive.