1. Blumira Support
  2. Using Blumira
  3. Reporting & Dashboards

Quick Links

Using the Blumira API

Overview

The Blumira API makes it easier to connect Blumira to the other tools and systems your business relies on, enabling you to get more out of your data. It is designed to improve mapping and integration between services, support operational dashboards, and scale operations with Blumira.

After creating your Blumira API credentials, you can connect Blumira to the business tools you and your teams rely on for things like ticketing, reporting, or resource management.

MSPs: Additional licensing information and endpoints are available for MSPs. If you are an MSP administrator, refer to Using the Blumira API as an MSP for licensing details and configuration instructions.

About the endpoints

The Blumira API is OpenAPI Specification v3 compliant, uses standard REST protocols, and can be integrated with any programming language that supports HTTP requests. The API endpoints will be rate-limited at 10 requests per second per key.

The available endpoints give you access to the following information:

  • Findings information, including name, priority, status, and assignee
  • Comments that have been added to findings
  • Blumira Agent device details, statuses, and installation keys
Reference: Explore the endpoints and example results at https://api.blumira.com/public-api/v1/ui/.

Generating Blumira API credentials

With an active Blumira license, you can generate multiple pairs of API credentials for your account. Each key pair includes read-write access by default, but you can scope a key pair to read-only access if necessary.

To generate Blumira API credentials, do the following:

  1. In the app, navigate to Settings > Organization.
  2. Under Blumira API Credentials, click Generate API Credentials.
  3. In the Generate API Credentials window, do the following:
    1. (Optional) In Label, type a name for the key pair.
    2. Under Access level, select the scope of access for the keys.
    3. Click Generate.
  4. Copy and save your Client ID and Client Secret.

Using your Blumira API credentials 

Generating a JWT bearer token

Access to the Blumira API requires authorization with a JWT bearer token. When running your own command in your preferred language, ensure you replace the client_id and client_secret with the values given to you in the key pair for your account.

Below are examples of cURL commands you can use to create the token:

  • Using individual form values in the body of the request:

    curl --request POST \ --url 'https://auth.blumira.com/oauth/token' \ --header 'content-type: application/x-www-form-urlencoded' \ --data grant_type=client_credentials \ --data client_id=$CID \ --data client_secret=$SEC \ --data audience=public-api

  • Using JSON in the body of the request:

    curl --request POST \ --url 'https://auth.blumira.com/oauth/token' \ --header 'content-type: application/json' \ --data "{\"client_id\":\"$CID\",\"client_secret\":\"$SEC\",\"audience\":\"public-api\",\"grant_type\":\"client_credentials\"}"

Using the bearer token

Example bearer token output:

{"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IlFrRTVNREUxUVRKR05UbEJOVGREUlRKRE1rUkdOMEZFTXpreFJEa3pOelJFUmpKQlFVUTROUSJ9.eyJwb2wiOiJ4ZHJfcnciLCJvcmciOiJmZmZmZmZmZi1mZWVkLWJlZWYtMTMzNy1jMGZmZWUwMDAwMDIiLCJpc3MiOiJodHRwczovL2F1dGguZC5iNWEuaW8vIiwic3aaaaaaaaFIY0lIYmhqNFVJVVdTQzE1OGp3NVloYmRWZTluOUNAY2xpZW50cyIsImF1ZCI6InB1YmxpYy1hcGkiLCJpYXQiOjE3MzQwMjg1ODIsImV4cCI6MTczNjYyMDU4Miwic2NvcGUiOiJydyIsImd0eSI6ImNsaWVudC1jcmVkZW50aWFscyIsImF6cCI6InhBSGNJSGJoajRVSVVXU0MxNThqdzVZaGJkVmU5bjlDIn0.JF87Yx9sBBiIOJ0rM6IAO6Rv4xs9LD_L_nwF5zMLdQlYYHnKCYuRbWYQiih5ITi_SkL2HG6Aa89XDKZ32jD2N5U7V6RE7AxGJteQBNU5AtijmimBORTdZz9gr3g5ol_R4H1TRpapVeIYwebjVy9TE1h-V7xaP9CTnBUKSv2KIqaT6Gysz79isOd0Pjj_SzF89inSb44oND_Yam5qayYaql1rTKSKJQvLf-hvedKXM088fGG6xTQivoamgVIKZIEpVeBSTMzC22rrITwAcanWxLjVfI5yoChoqca1U8SKKg5AsJ9b5GLh28r6wH3BIHgd5sIxxxxxxxxxxxxxxxxxx","scope":"ro","expires_in":2592000,"token_type":"Bearer"}

In your preferred API platform, use the token to authorize into the Blumira API. The example bearer token can be used as follows:

curl --url https://api.blumira.com/public-api/v1/org/findings -H "Authorization: Bearer ${JWT}"
Important: The token is valid for about 30 days and then must be refreshed. 

Rotating or deleting API credentials

To rotate your Blumira API Client Secret, do the following:

  1. Navigate to Settings > Organization.
  2. In the Blumira API Credentials table, click Rotate.
  3. In the Client Secret Rotation window, click Yes.
    Screenshot 2025-06-04 at 2.16.49 PM.png
  4. In the Rotated Client Secret window, copy and save your new Client Secret.
    Note: You will need to use this to update the tools that were previously connected to the Blumira API.

To delete your credentials, do the following:

  1. Navigate to Settings > Organization.
  2. In the Blumira API Credentials table, at the end of the row, click Delete API Credentials (trash icon).
  3. In the Delete API Credentials window, click Delete.
    Screenshot 2025-06-04 at 2.26.29 PM.png