Patch Management API

This guide describes the basic information you need to get up and running with the Ivanti Neurons for Patch Management API. It is assumed that you have some prior experience using a REST API.

The Ivanti Neurons for Patch Management API provides access to the Patch Management feature in Ivanti Neurons. The API is used to support the use of third-party reporting tools.

Available Endpoints

The following are the endpoints with which you can interact.

authentication: Enables you to retrieve the JWT access token.
cve: Enables you to retrieve the set of data items that represents a CVE and its related metadata.
cves-to-patch-group: Enables you to specify CVE IDs that you want to convert to a patch group.
endpoint-vulnerability: Enables you to retrieve the set of data items that represents an Endpoint Vulnerability device overview.
notification: Enables you to retrieve the set of data items that represents a notification result, such as a security bulletin.
patch: Enables you to retrieve the set of data items that represents a patch and its related metadata.
patch-group: Enables you to retrieve the set of data items that represents a patch group and its related metadata.
patch-group-audit: Enables you to retrieve the set of data items that represents all changes that have occurred to a given patch group.

Rate Limit and Requests

Neurons for Patch Management supports a rate limit of 150 requests per minute. The number of requests are limited to 172,800 per day.

Relationships

The return code from certain calls can contain data that is related to other areas in the API. The following data fields have relationships with other endpoints.

Endpoint	Related Output Data Item
cve cveId is the primary key in this collection	notificationsAffected: The notification endpoint can be used to query for additional details related to the notification ID. patchesAffected: The patch endpoint can be used to query for additional details related to specific patches.
deployment-history deploymentId is the primary key in this collection	discoveryId: The People and Devices API can be used to query for additional details about the users and devices. notificationId: The notification endpoint can be used to query for additional details related to the notification ID. patchId: The patch endpoint can be used to query for additional details related to the patch ID.
endpoint-vulnerability discoveryId is the primary key in this collection	discoveryId: The People and Devices API can be used to query for additional details about the users and devices. notificationsAffected: The notification endpoint can be used to query for additional details related to the notification ID. patchesAffected: The patch endpoint can be used to query for additional details related to specific patches. deviceStatus.devicePatchSummaries.patchId: The Patch endpoint can be used to query for additional details. deviceStatus.devicePatchSummaries.notificationId: The notification endpoint can be used to query for additional details.
notification notificationId is the primary key in this collection	cves: The cve endpoint can be used to query for the list of CVEs addressed in the notification. cvesExploited: The cve endpoint can be used to query for collection of exploited CVEs.
patch patchId is the primary key in this collection	cveExploited: The cve endpoint can be used to query for additional details about the CVEs. deploymentId: The deployment-history endpoint can be used to query for additional details related to the deployment ID. notificationIds: The notification endpoint can be used to query for additional details related to the notification IDs.
patch-group patchGroupId is the primary key in this collection	patchIds: The patch endpoint can be used to query for additional details related to specific patches.
patch-group-audit This collection uses a composite natural key, each row is a unique document	patchGroupId: The patch-group endpoint can be used to query for additional details related to the parent patch group. patchUid: The patch endpoint can be used to query for additional details related to the specific patch. notificationId: The notification endpoint can be used to query for additional details related to the notification ID.

Endpoint

Related Output Data Item

cve

cveId is the primary key in this collection

notificationsAffected: The notification endpoint can be used to query for additional details related to the notification ID.

patchesAffected: The patch endpoint can be used to query for additional details related to specific patches.

deployment-history

deploymentId is the primary key in this collection

discoveryId: The People and Devices API can be used to query for additional details about the users and devices.

notificationId: The notification endpoint can be used to query for additional details related to the notification ID.

patchId: The patch endpoint can be used to query for additional details related to the patch ID.

endpoint-vulnerability

discoveryId is the primary key in this collection

discoveryId: The People and Devices API can be used to query for additional details about the users and devices.

notificationsAffected: The notification endpoint can be used to query for additional details related to the notification ID.

patchesAffected: The patch endpoint can be used to query for additional details related to specific patches.

deviceStatus.devicePatchSummaries.patchId: The Patch endpoint can be used to query for additional details.

deviceStatus.devicePatchSummaries.notificationId: The notification endpoint can be used to query for additional details.

notification

notificationId is the primary key in this collection

cves: The cve endpoint can be used to query for the list of CVEs addressed in the notification.

cvesExploited: The cve endpoint can be used to query for collection of exploited CVEs.

patch

patchId is the primary key in this collection

cveExploited: The cve endpoint can be used to query for additional details about the CVEs.

deploymentId: The deployment-history endpoint can be used to query for additional details related to the deployment ID.

notificationIds: The notification endpoint can be used to query for additional details related to the notification IDs.

patch-group

patchGroupId is the primary key in this collection

patchIds: The patch endpoint can be used to query for additional details related to specific patches.

patch-group-audit

This collection uses a composite natural key, each row is a unique document

patchGroupId: The patch-group endpoint can be used to query for additional details related to the parent patch group.

patchUid: The patch endpoint can be used to query for additional details related to the specific patch.

notificationId: The notification endpoint can be used to query for additional details related to the notification ID.

HTTP/HTTPS Methods

The following methods are currently supported and are used to denote actions against a resource.

GET: Reads a resource
POST: Creates a new resource
PUT: Updates an entire resource

Standard Status Codes

Conventional HTTP/HTTPS status codes are used to indicate the success or failure of an API request.

200 indicates a successful response
400 indicates a validation error has occurred. For more detailed information, see Response Codes.
401 indicates the requestor is not authorized
500 indicates an unexpected server error