Skip to main content
GET
/
api
/
v2
/
clients
List Clients
curl --request GET \
  --url https://your-tenant.bloodhoundenterprise.io/api/v2/clients \
  --header 'Authorization: Bearer <token>'
{
  "count": 1,
  "skip": 1,
  "limit": 1,
  "data": [
    {
      "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
      "name": "<string>",
      "ip_address": "127.0.0.1",
      "hostname": "<string>",
      "configured_user": "<string>",
      "last_checkin": "2023-11-07T05:31:56Z",
      "events": [
        {
          "id": 123,
          "client_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
          "rrule": "<string>",
          "session_collection": true,
          "local_group_collection": true,
          "ad_structure_collection": true,
          "cert_services_collection": true,
          "ca_registry_collection": true,
          "dc_registry_collection": true,
          "all_trusted_domains": true,
          "ous": [
            {
              "objectid": "<string>",
              "name": "<string>",
              "exists": true,
              "distinguishedname": "<string>",
              "type": "<string>"
            }
          ],
          "domains": [
            {
              "objectid": "<string>",
              "name": "<string>",
              "exists": true,
              "type": "<string>"
            }
          ]
        }
      ],
      "token": {
        "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "created_at": "2023-11-07T05:31:56Z",
        "updated_at": "2023-11-07T05:31:56Z",
        "deleted_at": {
          "time": "2023-11-07T05:31:56Z",
          "valid": true
        },
        "user_id": {
          "uuid": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
          "valid": true
        },
        "name": {
          "string": "<string>",
          "valid": true
        },
        "key": "<string>",
        "hmac_method": "<string>",
        "last_access": "2023-11-07T05:31:56Z"
      },
      "current_job_id": {
        "int64": 123,
        "valid": true
      },
      "current_task_id": {
        "int64": 123,
        "valid": true
      },
      "current_job": {
        "id": 123,
        "client_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "client_name": "<string>",
        "event_id": {
          "int32": 123,
          "valid": true
        },
        "execution_time": "2023-11-07T05:31:56Z",
        "start_time": "2023-11-07T05:31:56Z",
        "end_time": "2023-11-07T05:31:56Z",
        "status": -1,
        "status_message": "<string>",
        "session_collection": true,
        "local_group_collection": true,
        "ad_structure_collection": true,
        "cert_services_collection": true,
        "ca_registry_collection": true,
        "dc_registry_collection": true,
        "all_trusted_domains": true,
        "domain_controller": "<string>",
        "ous": [
          {
            "objectid": "<string>",
            "name": "<string>",
            "exists": true,
            "distinguishedname": "<string>",
            "type": "<string>"
          }
        ],
        "domains": [
          {
            "objectid": "<string>",
            "name": "<string>",
            "exists": true,
            "type": "<string>"
          }
        ],
        "domain_results": [
          {
            "id": 123,
            "created_at": "2023-11-07T05:31:56Z",
            "updated_at": "2023-11-07T05:31:56Z",
            "deleted_at": {
              "time": "2023-11-07T05:31:56Z",
              "valid": true
            },
            "job_id": 123,
            "domain_name": "<string>",
            "success": true,
            "message": "<string>",
            "user_count": 123,
            "group_count": 123,
            "computer_count": 123,
            "gpo_count": 123,
            "ou_count": 123,
            "container_count": 123,
            "aiaca_count": 123,
            "rootca_count": 123,
            "enterpriseca_count": 123,
            "ntauthstore_count": 123,
            "certtemplate_count": 123,
            "deleted_count": 123
          }
        ]
      },
      "current_task": {
        "id": 123,
        "client_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
        "client_name": "<string>",
        "event_id": {
          "int32": 123,
          "valid": true
        },
        "execution_time": "2023-11-07T05:31:56Z",
        "start_time": "2023-11-07T05:31:56Z",
        "end_time": "2023-11-07T05:31:56Z",
        "status": -1,
        "status_message": "<string>",
        "session_collection": true,
        "local_group_collection": true,
        "ad_structure_collection": true,
        "cert_services_collection": true,
        "ca_registry_collection": true,
        "dc_registry_collection": true,
        "all_trusted_domains": true,
        "domain_controller": "<string>",
        "ous": [
          {
            "objectid": "<string>",
            "name": "<string>",
            "exists": true,
            "distinguishedname": "<string>",
            "type": "<string>"
          }
        ],
        "domains": [
          {
            "objectid": "<string>",
            "name": "<string>",
            "exists": true,
            "type": "<string>"
          }
        ],
        "domain_results": [
          {
            "id": 123,
            "created_at": "2023-11-07T05:31:56Z",
            "updated_at": "2023-11-07T05:31:56Z",
            "deleted_at": {
              "time": "2023-11-07T05:31:56Z",
              "valid": true
            },
            "job_id": 123,
            "domain_name": "<string>",
            "success": true,
            "message": "<string>",
            "user_count": 123,
            "group_count": 123,
            "computer_count": 123,
            "gpo_count": 123,
            "ou_count": 123,
            "container_count": 123,
            "aiaca_count": 123,
            "rootca_count": 123,
            "enterpriseca_count": 123,
            "ntauthstore_count": 123,
            "certtemplate_count": 123,
            "deleted_count": 123
          }
        ]
      },
      "completed_job_count": 123,
      "completed_task_count": 123,
      "domain_controller": {
        "string": "<string>",
        "valid": true
      },
      "version": "<string>",
      "user_sid": {
        "string": "<string>",
        "valid": true
      },
      "type": "sharphound"
    }
  ]
}
Applies to BloodHound Enterprise only

Authorizations

Authorization
string
header
required

Authorization: Bearer $JWT_TOKEN

Headers

Prefer
string
default:wait=30

Prefer header, used to specify a custom timeout in seconds using the wait parameter as per RFC7240. Passing in wait=-1 bypasses all timeout limits when the feature is enabled.

Pattern: ^wait=(-1|[0-9]+)$

Query Parameters

created_at
string

Filter results by created_at value. See filter schema details for valid predicates. Filter results by column timestamp value formatted as an RFC-3339 string. Valid filter predicates are eq, neq, gt, gte, lt, lte.

Pattern: ^((eq|neq|gt|gte|lt|lte):)?[0-9]{4}-[0-9]{2}-[0-9]{2}[Tt][0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]{1,9})?([Zz]|-[0-9]{2}:[0-9]{2})$
updated_at
string

Filter results by updated_at value. See filter schema details for valid predicates. Filter results by column timestamp value formatted as an RFC-3339 string. Valid filter predicates are eq, neq, gt, gte, lt, lte.

Pattern: ^((eq|neq|gt|gte|lt|lte):)?[0-9]{4}-[0-9]{2}-[0-9]{2}[Tt][0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]{1,9})?([Zz]|-[0-9]{2}:[0-9]{2})$
deleted_at
string

Filter results by deleted_at value. See filter schema details for valid predicates. Filter results by column timestamp value formatted as an RFC-3339 string. Valid filter predicates are eq, neq, gt, gte, lt, lte.

Pattern: ^((eq|neq|gt|gte|lt|lte):)?[0-9]{4}-[0-9]{2}-[0-9]{2}[Tt][0-9]{2}:[0-9]{2}:[0-9]{2}(\.[0-9]{1,9})?([Zz]|-[0-9]{2}:[0-9]{2})$
hydrate_domains
boolean
default:true

When a value of true is passed, any Domains associated with scheduled and finished jobs for each client will have expanded properties including name and type. When a value of false is passed, these same Domains will only return as a list of objectids.

hydrate_ous
boolean
default:true

When a value of true is passed, any OUs associated with scheduled and finished jobs for each client will have expanded properties including name and type. When a value of false is passed, these same OUs will only return as a list of objectids.

skip
integer

This query parameter is used for determining the number of objects to skip in pagination. The number of items to skip in a paginated response.

Required range: x >= 0
limit
integer

This query parameter is used for setting an upper limit of objects returned in paginated responses. The limit of results requested by the client.

Required range: x >= 0
sort_by
string

Sortable columns are name, ip_address, hostname, configured_user, last_checkin, completed_job_count, created_at, updated_at, deleted_at. Sort by column. Can be used multiple times; prepend a hyphen for descending order. See parameter description for details about which columns are sortable.

name
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
ip_address
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
hostname
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
configured_user
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
version
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
user_sid
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
last_checkin
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
current_job_id
string

Filter results by column integer value. Valid filter predicates are eq, neq, gt, gte, lt, lte.

Pattern: ^((eq|neq|gt|gte|lt|lte):)?-?[0-9]+$
completed_job_count
string

Filter results by column integer value. Valid filter predicates are eq, neq, gt, gte, lt, lte.

Pattern: ^((eq|neq|gt|gte|lt|lte):)?-?[0-9]+$
domain_controller
string

Filter results by column string value. Valid filter predicates are eq, ~eq, neq.

Pattern: ^((eq|~eq|neq):)?[^:]+$
id
string

Filter results by column string-formatted uuid value. Valid filter predicates are eq, neq.

Pattern: ^((eq|neq):)?[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$

Response

OK

count
integer

The total number of results.

Required range: x >= 0
skip
integer

The number of items to skip in a paginated response.

Required range: x >= 0
limit
integer

The limit of results requested by the client.

Required range: x >= 0
data
object[]