Quick Start
An introduction to building with Leen
Getting started with Leen
Let’s introduce you to a few concepts to get you started with Leen.
Leen provides a common data model to represent data from various security products (connections), we provide data models on a per-category basis with support for:
- Vulnerability Management Systems (VMS)
- Application Security (AppSec)
- Endpoint Detection and Response (EDR)
- Cloud Security Posture Management (CSPM)
Leen also extracts and tracks certain entities from connections to better organize and give a more holistic view of the data. For example, we extract the Device data from a VMS connection and track it separately. Check out our Entities endpoints for detailed information.
Organizations and Connections
For Leen to correctly connect to an integration source on behalf of your customer we need to store some information about your customer’s organization. We do this by representing your customer as an organization. Before adding a connection, to pull data from, we need to first make sure an organization is added to Leen.
Connections represent an integration from one of the security products we support. A connection
must belong to an organization
that is owned by you. When you add a new connection to an organization
you’ll be given a connection-id
that you will use to pull data. Currently, all requests to Leen’s API require a connection-id
to be included in your authentication headers since all data is scoped to a given connection.
Connecting to Leen
First, you’ll need an API Key to get started. You should have received one in your email when you signed up. If you haven’t, please contact us at contact@leen.dev.
Create an Organization
To provision a new organization, you’ll need to make a POST
request to the /provisioning/organizations
endpoint. This will create a new organization and return an organization-id
that you will use to add connections.
You’ll use the organization’s ID to create a new connection in the next step. We recommend storing this ID alongside your customer’s information in your application. You can also easily find an organization’s ID by identifier or name by making a GET call and doing a 2-hop request.
See the API Reference page for more details.
Create a Connection
Now that we have created an organization we will create a connection to pull data from. To do this, we’ll make a POST
request to the /provisioning/organizations/{organization_id}/connections
endpoint. This will create a new connection
and return a connection-id
that you will use to pull data.
You will need to specify the vendor
and credentials
for the connection. The vendor
is the name of the
product that Leen is connecting to and the credentials object will be specific to the vendor. More information
can be found on the API Reference page.
Pull Data
Now that we have an organization and connection setup, we can start pulling data. To do this, we’ll make a GET
to any relevant data endpoints with your API key
and Connection-ID
in the headers. For example, to pull Vulnerability Management data you’d send this request.