Symphony Messaging REST APIs

Overview

Last updated 9 months ago


The Data Loss Prevention (DLP) endpoints are part of the Expression Filtering v3 (EFv3) functionality released in 1.49. This functionality is an extension of Expression Filtering v1.

When this feature is turned on, a Super Administrator can define content violation policies with dictionary terms and the appropriate policy scoping (Internal or External) for messages, streams, and signals. As Symphony client end users perform certain actions (specifically send messages and create or update rooms and signals), the system may block or warn the user when any content matches terms defined in the policy, as follows:

  • BLOCK: The end user can’t send the message or create or update the room or signal.

  • WARN: The end user can rectify the issue by either:

    • Removing the text that matched policy terms. The results show "ignoreDLPwarning": "false".

    • Sending the content as is and ignoring the warning. The results show "ignoreDLPwarning": "true".

When an end user’s communication results in a BLOCK or WARN, the EFv3 functionality records these violation events. This data is available via the Violation endpoints.

DLP Endpoints

The dictionary and policy management endpoints enable you to view, create, edit, and delete your dictionaries and policies in the EFv3 system. The violations endpoints enable you to get violations on messages, signals, and streams. For authentication, use the Session and Key Manager tokens.

The Dictionary Management endpoints are described in the subpages, accessible using the navigation menu on the left.

Requirements

The Symphony administrator must be a Super Administrator.

The endpoint caller must:

  • Be a Content Export Service (ceservice) user.

  • Have the service account role "Expression Filter Policy Management".

  • Be able to decrypt Base64-encoded messages.

Your company must have implemented EFv3 functionality for the pod. This requires a new component called the SymProxy that decrypts and parses content.

  • If you manage your security keys on-prem (i.e., if you have an on-prem KM), you will need to deploy the SymProxies on-prem as well.

  • If you are leveraging an on-pod KM, your pod will have on-pod SymProxies managed by Symphony.

For more information, see the Symphony Administration Guide.

📘 Notes

  • When a SymProxy is unavailable, messages are ingested and sent even though not parsed.

  • Legacy clients won’t show BLOCK and WARN messages on the interface. Because there is no interface to prevent users from performing an action, the content is sent and the violation is recorded as "type": "ACCEPTED_LEGACY_CLIENT".

Embedded Error Responses

For the beta release of these endpoints, the error response includes the error message contained within the "message" property of the returned object.

The example shows a sample error response for a dictionary validation issue.

{
  "code": 400,
  "message": "400 Bad Request: {\"message\":\"Request contains invalid dictionaries that can not be found in database\"}"
}
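
A client that logs or alerts on these responses has to unwrap the JSON string nested inside "message" before the actual cause is visible. The following is an added example, not code from Symphony's documentation; the function name unwrap_dlp_error and the fallback behaviour for bodies without an embedded JSON object are assumptions.

```python
import json
import re

# Constructed sample: the error body shown on this page.
SAMPLE = {
    "code": 400,
    "message": "400 Bad Request: {\"message\":\"Request contains invalid "
               "dictionaries that can not be found in database\"}",
}

# "<3-digit status> <reason phrase>: <remainder>"
_PREFIX = re.compile(r"^\s*(\d{3})\s+([^:{]*?)\s*:\s*(.*)$", re.DOTALL)


def unwrap_dlp_error(body):
    """Return (status, reason, detail) from an embedded error response.

    `detail` is the innermost human-readable message. If the "message"
    property carries no embedded JSON object, the remaining text is
    returned unchanged so nothing is silently dropped from logs.
    """
    status = body.get("code")
    raw = body.get("message", "")
    if not isinstance(raw, str):
        return status, "", str(raw)
    reason, rest = "", raw
    m = _PREFIX.match(raw)
    if m:
        # Prefer the outer "code"; fall back to the status in the string.
        status = status if status is not None else int(m.group(1))
        reason, rest = m.group(2), m.group(3)
    try:
        inner = json.loads(rest)
    except ValueError:  # json.JSONDecodeError is a ValueError
        return status, reason, rest.strip()
    if isinstance(inner, dict) and isinstance(inner.get("message"), str):
        return status, reason, inner["message"]
    return status, reason, rest.strip()


if __name__ == "__main__":
    print(unwrap_dlp_error(SAMPLE))
```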

DLP for Agent Endpoints

With DLP (Data Loss Prevention) enabled, when the Agent performs an action with terms predefined in the Policy, Expression Filtering v3 (EFv3) records these violation events as shown below.

  • Message content: verifies if a message contains forbidden content or files.

  • File content: verifies if a file contains a forbidden name, terms or expressions.

  • File size: verifies the maximum size of an attachment.

  • File extension: verifies if the file extension is forbidden.

  • File password protection: blocks files with or without a password, depending on what was configured in the policy.

  • File Classifier: blocks files with metadata violation.

  • Chat Room: verifies if the chat name or description contains forbidden expressions.

  • Signals: verifies name, words, and tags.

In order to perform the actions mentioned above and return a 451 error (BLOCK or WARN), the following endpoints are subject to DLP:

  • Create Message v4

  • Create Room v3

  • Create Signal

Click on the endpoints above to see the messages returned by each 451 error response.