400 error retrieving threathistory

  • 8 July 2020
  • 2 replies

I am able to authenticate and use token to get sites (/service/api/console/gsm/{gsm}/sites), then endpoints (/service/api/console/gsm/{siteKey}/sites/{siteId}/endpoints) however; when I attempt to call threathistory I get the following.

Threat history method url:{siteKey}/sites/{siteId}/threathistory


Fails: StatusCode: 400, ReasonPhrase: 'Bad Request', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
  Access-Control-Allow-Origin: *
  Date: Wed, 08 Jul 2020 02:39:14 GMT
  Server: Microsoft-IIS/10.0
  X-WRRequestId: 3c5f05db-c554-467a-85bc-7f12b4f96448
  X-WRServiceVersion: 1.0.20065.1
  Connection: keep-alive
  Content-Type: application/json; charset=utf-8
  Content-Length: 225

This error doesn’t give any useful information. Is there a place to get useful info from the error? Is the threathistory api still active?


Best answer by cbullas 8 July 2020, 11:23

View original

2 replies

Userlevel 4
Badge +11

Hi, great you got the Tokens working, how easy was the ‘getting started’ for you to use?

On Threat history, you say{siteKey}/sites/{siteId}/threathistory , this isn’t correct is should be ../console/gsm/{gsmKey}. Check out the documentation here:

By the way, we have just launched a preview release of Open API format. If you are using a tool like Postman or Swagger you can pull in the file (like a library), making it easier to avoid syntax issues. See


OK - dumb mistake on my part - I appreciate it.

I had assumed that the siteKey was the same as gsm because I was able to send siteKey instead of gsm to the endpoints api and get results. Now I see I don’t need to (and shouldn’t) do that.

I’ll check out the open api preview tonight!