PlexTrac API Overview
The PlexTrac API enables customized access to PlexTrac for sending and receiving data. The purpose of this section is to provide an overview of the PlexTrac API and object structure, help prepare and understand what is needed to begin, and provide guidance to complete common use cases.
This section is broken up into the following pages:
The PlexTrac API uses Bearer tokens to manage authentication for all API endpoints. Two endpoints are used to authenticate to get a valid Bearer token, depending if the user has multi-factor authorization (MFA) set up or not.
This token is then sent as an Authorization header to all other endpoints. These tokens expire after 15 minutes and will need to be refreshed, or the user will need to re-authenticate.
The value in the
tokenfield is the required Bearer token sent to other endpoints.
When the user does have MFA enabled, the response will look different. In this scenario, the
codefield has a value related to the MFA authentication method set up by the user (i.e., Azure, Okta, etc.). This code must be sent with the request payload in the POST Multi-Factor Authentication endpoint. PlexTrac will check the 6-digit code with this code to verify and send the familiar response from the first endpoint with the Bearer token as the value:
Once created, the Bearer token is sent as an Authorization Header with any other endpoints. Using the requests module in Python, an example call would be the following:
Using cURL on the command line, a request example would be the following:
Click Next below to for an explanation of object structures.