Trigger a ticket action

Trigger a ticket action by ticket id.

SecurityJWT
Request
path Parameters
id
required
string
header Parameters
Workspace
required
string

The workspace identifier, which isolates API requests inside the provided workspace scope.

Example: corodevonmicrosoftcom_TX7T_u
Request Body schema: application/json
eventAction
required
string

A ticket action to trigger.

Enum: "treatFileAsSafe" "treatFileAsMalicious" "excludeFolderFromScan" "excludeCertificateFromScan" "excludeFilePathAndCertificateFromScan" "excludeFilePathAndFileHashFromScan" "approveProcessGroup" "enableFirewall" "remoteScan" "stopRemoteScan" "enforceUAC" "disableDevMode" "allowNoEncryption" "encryptDrive" "decryptDrive" "enableGatekeeper" "enableAppleMobileFileIntegrity" "systemIntegrityProtection" "markAsProcessed" "markAsUnprocessed" "contactUser" "logForAuditReports" "unLogForAuditReports" "addToDataGovernancePermissions" "suspendFromAll" "suspendFromService" "signInToAll" "signInToService" "removeExposingSharing" "approveEmail" "discardEmail" "discardEmailsFromSender" "discardEmailsFromDomain" "approveEmailsFromSender" "approveEmailsFromDomain" "downloadEmlFile" "generalApprove" "approveFile" "deleteFile" "exportMassDownloadFiles" "exportMassDeleteFiles" "blockProcess" "unblockProcess" "enableNetworkBlockMode" "disableNetworkBlockMode" "shutdownDevice" "rebootDevice"
Responses
200

Success

400

Bad request, validation error

401

Unauthorized request

403

Access forbidden

429

Too Many Requests

500

Internal server error

post/v1/tickets/{id}/actions
Request samples
application/json
{
  • "eventAction": "treatFileAsSafe"
}
Response samples
application/json
{
  • "ticketActionsStatus": "string"
}