# Modify Data ## Table of Contents * [#guardrails-and-prompts](#guardrails-and-prompts "mention") ## Guardrails & Prompts
#APIDescription
1POST /api/createGuardrailPolicyCreate a new Agentic Guardrails Policy to protect Agentic components.
2POST /api/modifyThreatActorStatusUpdate the status of a threat actor or malicious source.
3POST /api/deleteGuardrailPoliciesDelete one or more Agentic Guardrails Policies.
4POST /api/deleteMaliciousEventsBulk delete Agentic Guardrail Activity or malicious events.
5POST /api/updateMaliciousEventStatusUpdate the status of an Agentic Guardrail Activity or malicious event.
6POST /api/addThreatActivityWebhookIntegrationAdd Agentic Guardrail Activity webhook integration.
7POST /api/bulkModifyThreatActorStatusCloudflareBulk modify threat actor status in Cloudflare WAF.
8POST /api/modifyThreatActorStatusCloudflareModify threat actor status in Cloudflare WAF.
9POST /api/modifyThreatConfigurationModify threat detection configuration settings.
10POST /api/deleteAllMaliciousEventsDelete all malicious events from the system.
11POST /api/addCloudflareWafIntegrationAdd Cloudflare WAF integration.
12POST /api/deleteCloudflareWafIntegrationDelete Cloudflare WAF integration.
13POST /api/addAwsWafIntegrationAdd AWS WAF integration.
14POST /api/addAdvancedFiltersForTrafficAdd advanced filters for traffic filtering.
15POST /api/deleteAdvancedFilterDelete an advanced traffic filter.
16POST /api/changeStateOfFilterChange the active/inactive state of a filter.
17POST /api/dryRunAdvancedFiltersPerform dry run of advanced filters to test traffic filtering.
18POST /api/apiInfo/bulkAgentProxyGuardrailApplies guardrail configurations in bulk across multiple agent proxy Agentic components.
19POST /api/guardrailPlaygroundScans and previews guardrail rules against sample inputs in a sandbox environment.
20POST /api/saveGuardrailsConfigSaves or updates the guardrails configuration for the organization.
21POST /api/executeGuardrailsExecutes configured guardrails against specified inputs or traffic.
22POST /api/exportGuardrailActivityToAdxExports guardrail activity logs and events to Azure Data Explorer (ADX).
23POST /api/savePromptSaves or updates a system prompt configuration.
24POST /api/deletePromptDeletes an existing system prompt.
25POST /api/togglePromptStatusToggles the active/inactive status of a system prompt.
26POST /api/testSystemPromptScans a system prompt against sample inputs to validate its behavior.
27POST /api/generateMaliciousUserInputGenerates adversarial user inputs to scan guardrail and prompt robustness.
28POST /api/hardenSystemPromptAnalyzes and hardens a system prompt to improve its resistance to adversarial inputs.
## POST /api/modifyThreatActorStatus > POST request for endpoint /api/modifyThreatActorStatus ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/modifyThreatActorStatus":{"post":{"summary":"POST request for endpoint /api/modifyThreatActorStatus","operationId":"/api/modifyThreatActorStatus-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"threatActorId":{"type":"string"},"status":{"type":"string","enum":["active","inactive","mitigated"]}},"description":"Sample description"}}}},"responses":{"200":{"description":"Threat actor status updated","content":{"application/json":{"schema":{"type":"object","properties":{"status":{"type":"string"}},"description":"Sample description"}}}}}}}}} ``` ## POST /api/createGuardrailPolicy > POST request for endpoint /api/createGuardrailPolicy ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/createGuardrailPolicy":{"post":{"summary":"POST request for endpoint /api/createGuardrailPolicy","operationId":"/api/createGuardrailPolicy-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"policy":{"type":"object","properties":{"name":{"type":"string"},"description":{"type":"string"},"blockedMessage":{"type":"string"},"severity":{"type":"string","enum":["LOW","MEDIUM","HIGH","CRITICAL"]},"selectedCollection":{"type":"string"},"selectedModel":{"type":"string"},"contextSource":{"type":"string","enum":["API","MCP","GEN_AI","AGENTIC","DAST","ENDPOINT"]},"piiTypes":{"type":"array","items":{"type":"string"}},"regexPatternsV2":{"type":"array","items":{"type":"object","properties":{"pattern":{"type":"string"},"category":{"type":"string"}}}},"applyOnRequest":{"type":"boolean"},"applyOnResponse":{"type":"boolean"},"confidenceScore":{"type":"number","format":"double"},"active":{"type":"boolean"}}},"hexId":{"type":"string"}},"description":"Sample description"}}}},"responses":{"200":{"description":"Policy created/updated successfully","content":{"application/json":{"schema":{"type":"object","properties":{"status":{"type":"string","enum":["SUCCESS","ERROR"]},"policyId":{"type":"string"},"message":{"type":"string"}},"description":"Sample description"}}}}}}}}} ``` ## POST /api/deleteGuardrailPolicies > POST request for endpoint /api/deleteGuardrailPolicies ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/deleteGuardrailPolicies":{"post":{"summary":"POST request for endpoint /api/deleteGuardrailPolicies","operationId":"/api/deleteGuardrailPolicies-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"policyIds":{"type":"array","items":{"type":"string"}}},"description":"Sample description"}}}},"responses":{"200":{"description":"Policies deleted successfully","content":{"application/json":{"schema":{"type":"object","properties":{"status":{"type":"string"},"deletedCount":{"type":"integer"}},"description":"Sample description"}}}}}}}}} ``` ## POST /api/updateMaliciousEventStatus > POST request for endpoint /api/updateMaliciousEventStatus ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/updateMaliciousEventStatus":{"post":{"summary":"POST request for endpoint /api/updateMaliciousEventStatus","operationId":"/api/updateMaliciousEventStatus-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"eventId":{"type":"string"},"eventIds":{"type":"array","items":{"type":"string"}},"status":{"type":"string","enum":["ACTIVE","IGNORED","TRAINING","UNDER_REVIEW"]},"label":{"type":"string","enum":["GUARDRAIL","THREAT"]},"jiraTicketUrl":{"type":"string"}},"description":"Sample description"}}}},"responses":{"200":{"description":"Status updated successfully","content":{"application/json":{"schema":{"type":"object","properties":{"updateSuccess":{"type":"boolean"},"updatedCount":{"type":"integer"},"updateMessage":{"type":"string"}},"description":"Sample description"}}}}}}}}} ``` ## POST /api/deleteMaliciousEvents > POST request for endpoint /api/deleteMaliciousEvents ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/deleteMaliciousEvents":{"post":{"summary":"POST request for endpoint /api/deleteMaliciousEvents","operationId":"/api/deleteMaliciousEvents-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"eventId":{"type":"string"},"eventIds":{"type":"array","items":{"type":"string"}},"label":{"type":"string","enum":["GUARDRAIL","THREAT"]}},"description":"Sample description"}}}},"responses":{"200":{"description":"Events deleted successfully","content":{"application/json":{"schema":{"type":"object","properties":{"deleteSuccess":{"type":"boolean"},"deletedCount":{"type":"integer"},"deleteMessage":{"type":"string"}},"description":"Sample description"}}}}}}}}} ``` ## POST /api/addThreatActivityWebhookIntegration > POST request for endpoint /api/addThreatActivityWebhookIntegration ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/addThreatActivityWebhookIntegration":{"post":{"summary":"POST request for endpoint /api/addThreatActivityWebhookIntegration","operationId":"/api/addThreatActivityWebhookIntegration-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"webhookUrl":{"type":"string"},"eventTypes":{"type":"array","items":{"type":"string"}}}}}}},"responses":{"200":{"description":"Threat activity webhook integration added successfully","content":{"application/json":{"schema":{"type":"object","properties":{"success":{"type":"boolean"},"webhookId":{"type":"string"}}}}}}}}}}} ``` ## POST /api/bulkModifyThreatActorStatusCloudflare > POST request for endpoint /api/bulkModifyThreatActorStatusCloudflare ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/bulkModifyThreatActorStatusCloudflare":{"post":{"summary":"POST request for endpoint /api/bulkModifyThreatActorStatusCloudflare","operationId":"/api/bulkModifyThreatActorStatusCloudflare-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"actors":{"type":"array","items":{"type":"string"}},"action":{"type":"string"}}}}}},"responses":{"200":{"description":"Bulk actor status modification completed","content":{"application/json":{"schema":{"type":"object","properties":{"successCount":{"type":"integer"},"failureCount":{"type":"integer"},"modifiedActors":{"type":"array","items":{"type":"string"}}}}}}}}}}}} ``` ## POST /api/modifyThreatActorStatusCloudflare > POST request for endpoint /api/modifyThreatActorStatusCloudflare ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/modifyThreatActorStatusCloudflare":{"post":{"summary":"POST request for endpoint /api/modifyThreatActorStatusCloudflare","operationId":"/api/modifyThreatActorStatusCloudflare-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"actor":{"type":"string"},"action":{"type":"string"}}}}}},"responses":{"200":{"description":"Actor status modified successfully","content":{"application/json":{"schema":{"type":"object","properties":{"success":{"type":"boolean"},"actor":{"type":"string"},"status":{"type":"string"}}}}}}}}}}} ``` ## POST /api/modifyThreatConfiguration > POST request for endpoint /api/modifyThreatConfiguration ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/modifyThreatConfiguration":{"post":{"summary":"POST request for endpoint /api/modifyThreatConfiguration","operationId":"/api/modifyThreatConfiguration-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"ratelimitConfig":{"type":"object","properties":{"rules":{"type":"array","items":{"type":"object","properties":{"name":{"type":"string"},"period":{"type":"integer"},"maxRequests":{"type":"integer"},"action":{"type":"string"}}}}}}}}}}},"responses":{"200":{"description":"Threat configuration updated successfully","content":{"application/json":{"schema":{"type":"object","properties":{"success":{"type":"boolean"},"message":{"type":"string"}}}}}}}}}}} ``` ## POST /api/deleteAllMaliciousEvents > POST request for endpoint /api/deleteAllMaliciousEvents ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/deleteAllMaliciousEvents":{"post":{"summary":"POST request for endpoint /api/deleteAllMaliciousEvents","operationId":"/api/deleteAllMaliciousEvents-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"includeArchived":{"type":"boolean"}}}}}},"responses":{"200":{"description":"All malicious events deleted successfully","content":{"application/json":{"schema":{"type":"object","properties":{"deletedCount":{"type":"integer"},"archivedDeletedCount":{"type":"integer"}}}}}}}}}}} ``` ## POST /api/addCloudflareWafIntegration > POST request for endpoint /api/addCloudflareWafIntegration ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/addCloudflareWafIntegration":{"post":{"summary":"POST request for endpoint /api/addCloudflareWafIntegration","operationId":"/api/addCloudflareWafIntegration-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"apiToken":{"type":"string"},"zoneId":{"type":"string"},"ruleListId":{"type":"string"}}}}}},"responses":{"200":{"description":"Cloudflare WAF integration added successfully","content":{"application/json":{"schema":{"type":"object","properties":{"success":{"type":"boolean"},"integrationId":{"type":"string"}}}}}}}}}}} ``` ## POST /api/deleteCloudflareWafIntegration > POST request for endpoint /api/deleteCloudflareWafIntegration ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/deleteCloudflareWafIntegration":{"post":{"summary":"POST request for endpoint /api/deleteCloudflareWafIntegration","operationId":"/api/deleteCloudflareWafIntegration-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"integrationId":{"type":"string"}}}}}},"responses":{"200":{"description":"Cloudflare WAF integration deleted successfully","content":{"application/json":{"schema":{"type":"object","properties":{"success":{"type":"boolean"}}}}}}}}}}} ``` ## POST /api/addAwsWafIntegration > POST request for endpoint /api/addAwsWafIntegration ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/addAwsWafIntegration":{"post":{"summary":"POST request for endpoint /api/addAwsWafIntegration","operationId":"/api/addAwsWafIntegration-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"accessKeyId":{"type":"string"},"secretAccessKey":{"type":"string"},"region":{"type":"string"},"webAclId":{"type":"string"}}}}}},"responses":{"200":{"description":"AWS WAF integration added successfully","content":{"application/json":{"schema":{"type":"object","properties":{"success":{"type":"boolean"},"integrationId":{"type":"string"}}}}}}}}}}} ``` ## POST /api/addAdvancedFiltersForTraffic > POST request for endpoint /api/addAdvancedFiltersForTraffic ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/addAdvancedFiltersForTraffic":{"post":{"summary":"POST request for endpoint /api/addAdvancedFiltersForTraffic","operationId":"/api/addAdvancedFiltersForTraffic-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"filterId":{"type":"string"},"content":{"type":"string"},"source":{"type":"string"}}}}}},"responses":{"200":{"description":"Advanced filter added successfully","content":{"application/json":{"schema":{"type":"object","properties":{"success":{"type":"boolean"},"filterId":{"type":"string"},"createdAt":{"type":"integer"}}}}}}}}}}} ``` ## POST /api/deleteAdvancedFilter > POST request for endpoint /api/deleteAdvancedFilter ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/deleteAdvancedFilter":{"post":{"summary":"POST request for endpoint /api/deleteAdvancedFilter","operationId":"/api/deleteAdvancedFilter-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"filterId":{"type":"string"}}}}}},"responses":{"200":{"description":"Advanced filter deleted successfully","content":{"application/json":{"schema":{"type":"object","properties":{"success":{"type":"boolean"},"deletedFilterId":{"type":"string"}}}}}}}}}}} ``` ## POST /api/changeStateOfFilter > POST request for endpoint /api/changeStateOfFilter ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/changeStateOfFilter":{"post":{"summary":"POST request for endpoint /api/changeStateOfFilter","operationId":"/api/changeStateOfFilter-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"filterId":{"type":"string"},"active":{"type":"boolean"}}}}}},"responses":{"200":{"description":"Filter state changed successfully","content":{"application/json":{"schema":{"type":"object","properties":{"success":{"type":"boolean"},"filterId":{"type":"string"},"newState":{"type":"string"}}}}}}}}}}} ``` ## POST /api/dryRunAdvancedFilters > POST request for endpoint /api/dryRunAdvancedFilters ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/dryRunAdvancedFilters":{"post":{"summary":"POST request for endpoint /api/dryRunAdvancedFilters","operationId":"/api/dryRunAdvancedFilters-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"description":"Dry run completed"}}}}}} ``` ## POST /api/apiInfo/bulkAgentProxyGuardrail > POST request for endpoint /api/apiInfo/bulkAgentProxyGuardrail ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/apiInfo/bulkAgentProxyGuardrail":{"post":{"summary":"POST request for endpoint /api/apiInfo/bulkAgentProxyGuardrail","operationId":"/api/apiInfo/bulkAgentProxyGuardrail-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["apiInfoIds","enabled"],"properties":{"apiInfoIds":{"type":"array","description":"List of API Info identifiers in 'apiCollectionId url method' space-separated format","items":{"type":"string"}},"enabled":{"type":"boolean","description":"true to enable agent-proxy guardrail on the listed endpoints, false to disable"},"guardrailSchema":{"type":"object","description":"Optional guardrail schema to attach to the endpoints. Ignored if clearGuardrailSchema is true."},"clearGuardrailSchema":{"type":"boolean","description":"If true, removes any existing guardrail schema from the endpoints"}}}}}},"responses":{"200":{"description":"Bulk update completed successfully","content":{"application/json":{"schema":{"type":"object","properties":{"updatedCount":{"type":"integer","description":"Number of API Info records actually modified"}}}}}},"403":{"description":"Forbidden — caller lacks SENSITIVE_DATA / READ_WRITE permission"},"422":{"description":"Unprocessable — no API Info IDs provided or invalid format","content":{"application/json":{"schema":{"type":"object","properties":{"actionErrors":{"type":"array","items":{"type":"string"}}}}}}}}}}}} ``` ## POST /api/guardrailPlayground > POST request for endpoint /api/guardrailPlayground ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/guardrailPlayground":{"post":{"summary":"POST request for endpoint /api/guardrailPlayground","operationId":"/api/guardrailPlayground-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["testInput","policy"],"properties":{"testInput":{"type":"string","description":"The prompt or text to test against the guardrail policy"},"policy":{"type":"object","description":"Guardrail policy object defining the rules to apply during the test","properties":{"name":{"type":"string"},"description":{"type":"string"},"severity":{"type":"string","enum":["LOW","MEDIUM","HIGH","CRITICAL"]},"blockedMessage":{"type":"string"},"applyOnRequest":{"type":"boolean"},"applyOnResponse":{"type":"boolean"},"active":{"type":"boolean"},"contentFiltering":{"type":"object","description":"Content-based filtering rules","properties":{"promptAttacks":{"type":"object","properties":{"level":{"type":"string","enum":["LOW","MEDIUM","HIGH"]}}}}},"deniedTopics":{"type":"array","description":"Topics the guardrail should block","items":{"type":"object","properties":{"topic":{"type":"string"},"description":{"type":"string"},"samplePhrases":{"type":"array","items":{"type":"string"}}}}},"piiTypes":{"type":"array","description":"PII detection rules","items":{"type":"object","properties":{"type":{"type":"string"},"behavior":{"type":"string","enum":["block","mask"]}}}},"regexPatterns":{"type":"array","description":"Custom regex patterns to match against input","items":{"type":"string"}},"selectedMcpServers":{"type":"array","description":"MCP server IDs this policy applies to","items":{"type":"string"}},"selectedAgentServers":{"type":"array","description":"Agent server IDs this policy applies to","items":{"type":"string"}}}}}}}}},"responses":{"200":{"description":"Playground test completed; returns raw guardrail service validation result","content":{"application/json":{"schema":{"type":"object","properties":{"playgroundResult":{"type":"object","description":"Raw response from the guardrail validation service","properties":{"blocked":{"type":"boolean"},"reason":{"type":"string"},"blockedMessage":{"type":"string"},"matchedRules":{"type":"array","items":{"type":"string"}}}}}}}}},"403":{"description":"Forbidden — caller lacks SENSITIVE_DATA / READ permission"},"422":{"description":"Unprocessable — missing test input or policy, or guardrail service error"}}}}}} ``` ## POST /api/saveGuardrailsConfig > POST request for endpoint /api/saveGuardrailsConfig ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/saveGuardrailsConfig":{"post":{"summary":"POST request for endpoint /api/saveGuardrailsConfig","operationId":"/api/saveGuardrailsConfig-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["guardrailType","guardrailTargetMode"],"properties":{"guardrailType":{"type":"array","description":"One or more guardrail types to deploy. Valid values: cursor-hooks, openclaw-guardrails, claude-cli-hooks.","items":{"type":"string","enum":["cursor-hooks","openclaw-guardrails","claude-cli-hooks"]}},"guardrailTargetMode":{"type":"string","description":"Deployment target: 'all' deploys to all SentinelOne agents, 'select' deploys to specific agents","enum":["all","select"]},"guardrailAgentIds":{"type":"array","description":"SentinelOne agent IDs to deploy to. Required when guardrailTargetMode is 'select'.","items":{"type":"string"}},"guardrailEnvVars":{"type":"object","description":"Environment variables required by the selected guardrail type(s). Keys and values are both strings.","additionalProperties":{"type":"string"}}}}}}},"responses":{"200":{"description":"Configuration saved and guardrail execution initiated","content":{"application/json":{"schema":{"type":"object","properties":{"guardrailExecution":{"type":"object","properties":{"successCount":{"type":"integer","description":"Number of agents on which guardrails were successfully installed"},"failCount":{"type":"integer","description":"Number of agents where installation failed"},"totalCount":{"type":"integer","description":"Total agent × guardrail-type installations attempted"},"status":{"type":"string","description":"Overall status: 'completed' (all succeeded), 'partial' (some failed), or 'failed'"}}}}}}}},"403":{"description":"Forbidden — caller lacks INTEGRATIONS / READ_WRITE permission"},"422":{"description":"Unprocessable — missing guardrail type or target mode, or SentinelOne integration not configured","content":{"application/json":{"schema":{"type":"object","properties":{"actionErrors":{"type":"array","items":{"type":"string"}}}}}}}}}}}} ``` ## POST /api/executeGuardrails > POST request for endpoint /api/executeGuardrails ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/executeGuardrails":{"post":{"summary":"POST request for endpoint /api/executeGuardrails","operationId":"/api/executeGuardrails-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object"}}}},"responses":{"200":{"description":"Guardrail execution completed","content":{"application/json":{"schema":{"type":"object","properties":{"guardrailExecution":{"type":"object","properties":{"successCount":{"type":"integer"},"failCount":{"type":"integer"},"totalCount":{"type":"integer"},"status":{"type":"string","description":"completed | partial | failed"}}}}}}}},"403":{"description":"Forbidden — caller lacks INTEGRATIONS / READ_WRITE permission"},"422":{"description":"Unprocessable — SentinelOne integration not configured or no guardrail type set","content":{"application/json":{"schema":{"type":"object","properties":{"actionErrors":{"type":"array","items":{"type":"string"}}}}}}}}}}}} ``` ## POST /api/exportGuardrailActivityToAdx > POST request for endpoint /api/exportGuardrailActivityToAdx ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/exportGuardrailActivityToAdx":{"post":{"summary":"POST request for endpoint /api/exportGuardrailActivityToAdx","operationId":"/api/exportGuardrailActivityToAdx-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","properties":{"startTimestamp":{"type":"integer","description":"Unix epoch start of the export time window"},"endTimestamp":{"type":"integer","description":"Unix epoch end of the export time window"},"ips":{"type":"array","description":"Filter by source IP addresses","items":{"type":"string"}},"apiCollectionIds":{"type":"array","description":"Filter by API collection IDs","items":{"type":"integer"}},"urls":{"type":"array","description":"Filter by endpoint URLs","items":{"type":"string"}},"types":{"type":"array","description":"Filter by threat types","items":{"type":"string"}},"statusFilter":{"type":"string","description":"Filter by threat status"},"latestAttack":{"type":"array","description":"Filter by latest attack category","items":{"type":"string"}},"successfulExploit":{"type":"boolean","description":"Filter for only successful exploits"},"hosts":{"type":"array","description":"Filter by host names","items":{"type":"string"}},"label":{"type":"string","description":"Filter by threat label"}}}}}},"responses":{"200":{"description":"Export job accepted and running in background","content":{"application/json":{"schema":{"type":"object","properties":{"exportSuccess":{"type":"boolean"},"exportMessage":{"type":"string"},"exportedCount":{"type":"integer","description":"Always 0 on initial response; poll the ADX status endpoint for final count"}}}}}},"403":{"description":"Forbidden — caller lacks INTEGRATIONS / READ_WRITE permission or ADX_INTEGRATION feature"},"422":{"description":"Unprocessable — ADX integration not configured or configuration incomplete","content":{"application/json":{"schema":{"type":"object","properties":{"actionErrors":{"type":"array","items":{"type":"string"}}}}}}}}}}}} ``` ## POST /api/savePrompt > POST request for endpoint /api/savePrompt ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/savePrompt":{"post":{"summary":"POST request for endpoint /api/savePrompt","operationId":"/api/savePrompt-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["templateId","content"],"properties":{"templateId":{"type":"string","description":"Unique identifier for the template (max 255 characters)"},"content":{"type":"string","description":"Full YAML content of the prompt hardening template (max 100,000 characters)"},"category":{"type":"string","description":"Category name to assign to this template (max 255 characters)"},"inactive":{"type":"boolean","description":"If true the template is saved but not applied during testing"}}}}}},"responses":{"200":{"description":"Prompt template saved successfully","content":{"application/json":{"schema":{"type":"object"}}}},"403":{"description":"Forbidden — caller lacks SENSITIVE_DATA / READ_WRITE permission or AI_AGENTS feature"},"422":{"description":"Unprocessable — validation error (empty content, ID too long, etc.)","content":{"application/json":{"schema":{"type":"object","properties":{"actionErrors":{"type":"array","items":{"type":"string"}}}}}}}}}}}} ``` ## POST /api/deletePrompt > POST request for endpoint /api/deletePrompt ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/deletePrompt":{"post":{"summary":"POST request for endpoint /api/deletePrompt","operationId":"/api/deletePrompt-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["templateId"],"properties":{"templateId":{"type":"string","description":"ID of the template to delete"}}}}}},"responses":{"200":{"description":"Template deleted successfully","content":{"application/json":{"schema":{"type":"object"}}}},"403":{"description":"Forbidden — caller lacks SENSITIVE_DATA / READ_WRITE permission or AI_AGENTS feature"},"422":{"description":"Unprocessable — template ID is empty","content":{"application/json":{"schema":{"type":"object","properties":{"actionErrors":{"type":"array","items":{"type":"string"}}}}}}}}}}}} ``` ## POST /api/togglePromptStatus > POST request for endpoint /api/togglePromptStatus ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/togglePromptStatus":{"post":{"summary":"POST request for endpoint /api/togglePromptStatus","operationId":"/api/togglePromptStatus-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["templateId"],"properties":{"templateId":{"type":"string","description":"ID of the template whose status should be toggled"}}}}}},"responses":{"200":{"description":"Template status toggled successfully","content":{"application/json":{"schema":{"type":"object"}}}},"403":{"description":"Forbidden — caller lacks SENSITIVE_DATA / READ_WRITE permission or AI_AGENTS feature"},"422":{"description":"Unprocessable — template not found or ID is empty","content":{"application/json":{"schema":{"type":"object","properties":{"actionErrors":{"type":"array","items":{"type":"string"}}}}}}}}}}}} ``` ## POST /api/testSystemPrompt > POST request for endpoint /api/testSystemPrompt ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/testSystemPrompt":{"post":{"summary":"POST request for endpoint /api/testSystemPrompt","operationId":"/api/testSystemPrompt-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["systemPrompt","userInput","attackPatterns"],"properties":{"systemPrompt":{"type":"string","description":"The AI system prompt to test for vulnerabilities (max 50,000 characters)"},"userInput":{"type":"string","description":"The user message to simulate as input to the AI agent (max 10,000 characters). Can be generated via generateMaliciousUserInput."},"attackPatterns":{"type":"array","description":"Attack pattern descriptions used for LLM-based vulnerability analysis (max 50 patterns, each max 5,000 characters)","items":{"type":"string"}},"detectionRules":{"type":"object","description":"Optional: custom detection rules parsed from a YAML template. If a 'prompt' type matcher is present, its template is used for LLM analysis. If only regex matchers are present, legacy regex detection is used."}}}}}},"responses":{"200":{"description":"System prompt test completed","content":{"application/json":{"schema":{"type":"object","properties":{"testResult":{"type":"object","properties":{"text":{"type":"string","description":"The simulated AI agent response to the provided user input"},"isSafe":{"type":"boolean","description":"true if the agent response is considered safe, false if vulnerable"},"safetyMessage":{"type":"string","description":"Short summary of the safety verdict"},"analysisDetail":{"type":"string","description":"Detailed LLM analysis explaining the safety verdict"}}}}}}}},"403":{"description":"Forbidden — caller lacks SENSITIVE_DATA / READ permission or AI_AGENTS feature"},"422":{"description":"Unprocessable — missing required fields, too many attack patterns, rate limit exceeded, or AI service error","content":{"application/json":{"schema":{"type":"object","properties":{"actionErrors":{"type":"array","items":{"type":"string"}}}}}}}}}}}} ``` ## POST /api/generateMaliciousUserInput > POST request for endpoint /api/generateMaliciousUserInput ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/generateMaliciousUserInput":{"post":{"summary":"POST request for endpoint /api/generateMaliciousUserInput","operationId":"/api/generateMaliciousUserInput-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["attackPatterns"],"properties":{"attackPatterns":{"type":"array","description":"Attack pattern descriptions from which to generate a malicious user message (max 50 patterns, each max 5,000 characters)","items":{"type":"string"}}}}}}},"responses":{"200":{"description":"Malicious user input generated successfully","content":{"application/json":{"schema":{"type":"object","properties":{"userInput":{"type":"string","description":"LLM-generated malicious user message based on the provided attack patterns"}}}}}},"403":{"description":"Forbidden — caller lacks SENSITIVE_DATA / READ permission or AI_AGENTS feature"},"422":{"description":"Unprocessable — no attack patterns provided, limit exceeded, or rate limit hit","content":{"application/json":{"schema":{"type":"object","properties":{"actionErrors":{"type":"array","items":{"type":"string"}}}}}}}}}}}} ``` ## POST /api/hardenSystemPrompt > POST request for endpoint /api/hardenSystemPrompt ```json {"openapi":"3.0.1","info":{"title":"AktoSwagger","version":"1.0.0"},"paths":{"/api/hardenSystemPrompt":{"post":{"summary":"POST request for endpoint /api/hardenSystemPrompt","operationId":"/api/hardenSystemPrompt-POST","requestBody":{"content":{"application/json":{"schema":{"type":"object","required":["systemPrompt"],"properties":{"systemPrompt":{"type":"string","description":"The original system prompt to harden (max 50,000 characters)"},"vulnerabilityContext":{"type":"string","description":"Optional context about known vulnerabilities or weaknesses to address (max 20,000 characters). Can be sourced from testSystemPrompt analysis results."}}}}}},"responses":{"200":{"description":"Hardened system prompt generated successfully","content":{"application/json":{"schema":{"type":"object","properties":{"hardenedPrompt":{"type":"string","description":"The LLM-generated hardened version of the system prompt with security instructions added"}}}}}},"403":{"description":"Forbidden — caller lacks SENSITIVE_DATA / READ permission or AI_AGENTS feature"},"422":{"description":"Unprocessable — system prompt is empty or too long, vulnerability context too long, or rate limit exceeded","content":{"application/json":{"schema":{"type":"object","properties":{"actionErrors":{"type":"array","items":{"type":"string"}}}}}}}}}}}} ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://ai-security-docs.akto.io/api-reference/threat-protection/modify-data.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.