The Security Insights API lets you enable or disable the chrome security insights feature, check its enablement status, and query insights data (such as content transfers and URL visits).
Quick overview of API methods
URLs are relative to
https://chromemanagement.googleapis.com/v1/customers/$CUSTOMER
| Description | Relative URL | Http method | Allowed request parameters |
|---|---|---|---|
| Enable insights for your domain and configure chrome connectors for root OU/a specific set of OUs in your domain | /enterprise/securityInsights:enable | POST | Optional: targetOus |
| Disable insights for your domain | /enterprise/securityInsights:disable | POST | |
| Check the enablement status for insights for your domain | /enterprise/securityInsights:checkEnablementStatus | GET | |
| Query high-level content transfer summaries for your domain | /enterprise/securityInsights:queryContentTransfers | GET | Optional: filter |
| Query content transfer summaries with breakdowns by user/domain/content category | /enterprise/securityInsights:queryContentTransfersBreakdowns | GET | Optional: filter, metric, breakdown, fixedTimeRange, pageSize, pageToken |
| Query high-level URL visit summaries for your domain | /enterprise/securityInsights:queryUrlVisits | GET | Optional: filter |
| Query URL visit summaries with breakdowns by user/domain | /enterprise/securityInsights:queryUrlVisitsBreakdowns | GET | Optional: filter, metric, breakdown, fixedTimeRange, pageSize, pageToken |
See code samples for example requests and responses.
Subscription requirements
The following API methods require an active Chrome Enterprise Premium subscription. If the customer does not have this subscription, requests are not blocked, but query results will be empty.
queryUrlVisitsqueryUrlVisitsBreakdowns
Admin Privileges
Depending on which method is being invoked, different administrator privileges are required.
| Method | Admin privileges required |
|---|---|
| enable | "Organization Units > Read" "Services > Chrome Management > Settings > Manage User Settings" "Services > Chrome DLP > Manage Chrome DLP application insights settings" |
| disable | "Organization Units > Read" "Services > Chrome Management > Settings > Manage User Settings" "Services > Chrome DLP > Manage Chrome DLP application insights settings" |
| checkEnablementStatus | "Organization Units > Read" "Services > Chrome DLP > Manage Chrome DLP application insights settings" OR "Services > Chrome DLP > View Chrome DLP application insights settings" |
| queryContentTransfers | "Services > Chrome DLP > View Chrome DLP application insights settings" |
| queryContentTransfersBreakdowns | "Services > Chrome DLP > View Chrome DLP application insights settings" |
| queryUrlVisits | "Services > Chrome DLP > View Chrome DLP application insights settings" |
| queryUrlVisitsBreakdowns | "Services > Chrome DLP > View Chrome DLP application insights settings" |
To manage administrator roles and privileges visit "Admin Console -> Admin Roles".
API scopes
Enable and Disable APIs requires the following OAuth scope:
https://www.googleapis.com/auth/chrome.management.securityinsights
For checkEnablementStatus and all query methods, either of these two scopes can be used:
https://www.googleapis.com/auth/chrome.management.securityinsights
https://www.googleapis.com/auth/chrome.management.securityinsights.readonly
For more information, see the Authentication Overview.