Skip to main content
POST
/
provisioning
/
organizations
/
{organization_id}
/
connections
Create Connection
curl --request POST \
  --url https://api.leen.dev/v1/provisioning/organizations/{organization_id}/connections \
  --header 'Content-Type: application/json' \
  --header 'X-API-KEY: <api-key>' \
  --data '{
  "vendor": "ARNICA",
  "credentials": "<any>",
  "identifier": "<string>",
  "options": "<any>"
}'
{
  "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "vendor": "<string>",
  "is_active": true,
  "refresh_interval_secs": 123,
  "timeout_secs": 123,
  "organization_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
  "oauth2_authorize_url": "<string>",
  "identifier": "<string>",
  "state": "PENDING",
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z",
  "health": {
    "name": "HEALTHY",
    "status": "HEALTHY",
    "description": "<string>",
    "resolution_owner": "LEEN",
    "details": [
      {
        "data_export_type": "alerts",
        "endpoint": "<string>"
      }
    ]
  }
}

Authorizations

X-API-KEY
string
header
required

Headers

X-CONNECTION-INVITE-TOKEN
string | null

Path Parameters

organization_id
string<uuid>
required

Query Parameters

use_pool
boolean
default:true

Body

application/json
vendor
enum<string>
required

Connection vendor

Available options:
ARNICA,
ORCA,
MEND,
AIKIDO,
TENABLE,
SENTINELONE_VMS,
SENTINELONE,
GITLAB,
UPWIND,
SERVICENOW,
QUALYS,
GITHUB,
CHECKMARX,
MS_DEFENDER_VMS,
MS_ENTRA,
MS_DEFENDER_CLOUD,
MS_DEFENDER_ENDPOINT,
LACEWORK_CSPM,
AWS_SECURITYHUB,
AWS_ACCESS_ANALYSER,
AWS_INSPECTOR2,
WIZ_CODE,
WIZ_VMS,
TANIUM_VMS,
OKTA_IDP,
SEMGREP,
CROWDSTRIKE_SPOTLIGHT,
CROWDSTRIKE,
SNYK,
INSIGHTVM
credentials
object
required

Connection credentials

  • TenableCredentials
  • QualysCredentials
  • SnykCredentials
  • CrowdStrikeCredentials
  • SentinelOneCredentials
  • MSDefenderEndpointCredentials
  • InsightVMCredentials
  • SemgrepCredentials
  • MSDefenderVMSCredentials
  • MSDefenderCloudCredentials
  • MSEntraOAuthCredentials
  • MSEntraSecretCredentials
  • LaceworkCSPMCredentials
  • AWSInspector2Credentials
  • AWSAccessAnalyzerCredentials
  • AWSSecurityHubCredentials
  • ArnicaCredentials
  • OktaIDPCredentials
  • AikidoCredentials
  • WizVMSCredentials
  • WizCodeCredentials
  • GitlabCredentials
  • TaniumVMSCredentials
  • UpwindCredentials
  • CheckmarxCredentials
  • MendCredentials
  • ArnicaCredentials
  • OrcaCredentials
  • MendCredentials
  • AikidoCredentials
  • TenableCredentials
  • SentinelOneVMSCredentials
  • SentinelOneEDRCredentials
  • GitlabCredentials
  • UpwindCredentials
  • ServiceNowCredentials
  • QualysCredentials
  • GitHubCredentials
  • CheckmarxCredentials
  • MSDefenderVMSCredentials
  • MSEntraOAuth2Credentials
  • MSEntraSecretCredentials
  • MSDefenderCloudCredentials
  • MSDefenderEndpointCredentials
  • LaceworkCSPMCredentials
  • AwsSecurityHubCredentials
  • AwsAccessAnalyzerCredentials
  • AwsInspector2Credentials
  • WizCodeCredentials
  • WizVMSCredentials
  • TaniumVMSCredentials
  • OktaIDPCredentials
  • SemgrepCredentials
  • CrowdStrikeSpotlightCredentials
  • CrowdStrikeCredentials
  • SnykCredentials
  • InsightVMCredentials
identifier
string | null

An optional identifier for the connection, you can use this to reference the connection in your own system

options
object | null

Connection options, ONLY used for Oauth2 URL overrides for Snyk and MS Defender Endpoint

  • SnykConnectionOptions
  • MSDefenderEndpointConnectionOptions
  • MSDefenderVMSConnectionOptions
  • ArnicaConnectionOptions
  • OrcaConnectionOptions
  • MendConnectionOptions
  • AikidoConnectionOptions
  • TenableConnectionOptions
  • SentinelOneVMSOptions
  • SentinelOneEDROptions
  • GitlabOptions
  • UpwindConnectionOptions
  • ServiceNowConnectionOptions
  • QualysConnectionOptions
  • GitHubConnectionOptions
  • CheckmarxConnectionOptions
  • MSDefenderVMSConnectionOptions
  • MSEntraConnectionOptions
  • MSDefenderCloudConnectionOptions
  • MSDefenderEndpointConnectionOptions
  • LaceworkCSPMOptions
  • AwsSecurityHubOptions
  • AwsAccessAnalyzerOptions
  • AwsInspector2Options
  • WizCodeOptions
  • WizVMSOptions
  • TaniumVMSOptions
  • OktaIDPOptions
  • SemgrepOptions
  • CrowdStrikeSpotlightConnectionOptions
  • CrowdStrikeConnectionOptions
  • SnykConnectionOptions
  • InsightVMConnectionOptions

Response

Successful Response

id
string<uuid>
required
vendor
string
required
is_active
boolean
required
refresh_interval_secs
integer
required
timeout_secs
integer
required
organization_id
string<uuid>
required
state
enum<string>
required
Available options:
PENDING,
ACTIVE,
PAUSED,
DELETED
created_at
string<date-time>
required
updated_at
string<date-time>
required
health
object
required
oauth2_authorize_url
string | null
identifier
string | null
I