Darktrace

Darktrace OmniAPI

The Darktrace OmniAPI is a gated REST API hosted on each customer's Darktrace cloud instance at .cloud.darktrace.com/omniapi. It provides programmatic access to Darktrace's ActiveAI platform including model breaches and detections, device inventory and tagging, AI Analyst incident summaries, and Antigena autonomous response actions. The API is used by customers and technology partners to integrate Darktrace into SIEM, SOAR, ticketing, and broader security operations workflows. Documentation and credentials are issued via the Darktrace customer portal.

Darktrace OmniAPI is published by Darktrace on the APIs.io network.

Tagged areas include Detections, Devices, Models, Antigena, and AI Analyst. The published artifact set on APIs.io includes API documentation.

GitHub

Documentation

📖
Documentation
Darktrace ActiveAI Security Platform

Other Resources

🔗
Portal
Darktrace Customer Portal (gated)

API entry from apis.yml

apis.yml Raw ↑ 
aid: darktrace:darktrace-omniapi
name: Darktrace OmniAPI
tags:
- Detections
- Devices
- Models
- Antigena
- AI Analyst
humanURL: https://customerportal.darktrace.com
baseURL: https://customer-instance.cloud.darktrace.com/omniapi
properties:
- url: https://customerportal.darktrace.com
  type: Portal
  title: Darktrace Customer Portal (gated)
- url: https://www.darktrace.com/products
  type: Documentation
  title: Darktrace ActiveAI Security Platform
description: The Darktrace OmniAPI is a gated REST API hosted on each customer's Darktrace cloud instance
  at <instance>.cloud.darktrace.com/omniapi. It provides programmatic access to Darktrace's ActiveAI platform
  including model breaches and detections, device inventory and tagging, AI Analyst incident summaries,
  and Antigena autonomous response actions. The API is used by customers and technology partners to integrate
  Darktrace into SIEM, SOAR, ticketing, and broader security operations workflows. Documentation and credentials
  are issued via the Darktrace customer portal.