censys-sdk-typescript

Developer-friendly & type-safe Typescript SDK specifically catered to leverage the Censys Platform API.

Summary

Table of Contents

• censys-sdk-typescript
  • SDK Installation
  • Requirements
  • SDK Example Usage
  • Available Resources and Operations
  • Standalone functions
  • Global Parameters
  • Retries
  • Error Handling
  • Server Selection
  • Custom HTTP Client
  • Authentication
  • Debugging
• Development
  • Maturity
  • Contributions

SDK Installation

The SDK can be installed with either npm, pnpm, bun or yarn package managers.

NPM

npm add @censys/platform-sdk

PNPM

pnpm add @censys/platform-sdk

Bun

bun add @censys/platform-sdk

Yarn

yarn add @censys/platform-sdk

Requirements

For supported JavaScript runtimes, please consult RUNTIMES.md.

SDK Example Usage

Example

import { SDK } from "@censys/platform-sdk";

const sdk = new SDK({
  organizationId: "11111111-2222-3333-4444-555555555555",
  personalAccessToken: "<YOUR_BEARER_TOKEN_HERE>",
});

async function run() {
  const result = await sdk.globalData.search({
    searchQueryInputBody: {
      fields: [
        "host.ip",
      ],
      pageSize: 1,
      query: "host.services: (protocol=SSH and not port: 22)",
    },
  });

  console.log(result);
}

run();

Available Resources and Operations

AccountManagement

• getOrganizationDetails - Get organization details
• getOrganizationCredits - Get organization credit balance
• getOrganizationCreditUsage - Get organization credit usage
• inviteUserToOrganization - Invite user to organization
• listOrganizationMembers - List organization members
• removeOrganizationMember - Remove member from organization
• updateOrganizationMember - Update a member's roles in an organization
• getMemberCreditUsage - Get organization member credit usage
• getUserCredits - Get Free user credit balance
• getUserCreditsUsage - Get Free user credit usage

Collections

• list - List collections
• create - Create a collection
• delete - Delete a collection
• get - Get a collection
• update - Update a collection
• listEvents - Get a collection's events
• aggregate - Aggregate results for a search query within a collection
• search - Run a search query within a collection

GlobalData

• getCertificates - Retrieve multiple certificates
• getCertificatesRaw - Retrieve multiple certificates in PEM format
• getCertificate - Get a certificate
• getCertificateRaw - Get a certificate in PEM format
• getHosts - Retrieve multiple hosts
• getHost - Get a host
• listServicesOnHost - Get service history for a host
• getHostTimeline - Get host event history
• getWebProperties - Retrieve multiple web properties
• getWebProperty - Get a web property
• createTrackedScan - Live Rescan: Initiate a new rescan
• getTrackedScan - Get scan status
• aggregate - Aggregate results for a search query
• convertLegacySearchQueries - Convert Legacy Search queries to Platform queries
• search - Run a search query

ThreatHunting

• getHostObservationsWithCertificate - Get host history for a certificate
• createTrackedScan - Live Discovery: Initiate a new scan
• getTrackedScanThreatHunting - Get scan status
• listThreats - List active threats
• valueCounts - CensEye: Retrieve value counts to discover pivots

Standalone functions

All the methods listed above are available as standalone functions. These functions are ideal for use in applications running in the browser, serverless runtimes or other environments where application bundle size is a primary concern. When using a bundler to build your application, all unused functionality will be either excluded from the final bundle or tree-shaken away.

To read more about standalone functions, check FUNCTIONS.md.

• accountManagementGetMemberCreditUsage - Get organization member credit usage
• accountManagementGetOrganizationCredits - Get organization credit balance
• accountManagementGetOrganizationCreditUsage - Get organization credit usage
• accountManagementGetOrganizationDetails - Get organization details
• accountManagementGetUserCredits - Get Free user credit balance
• accountManagementGetUserCreditsUsage - Get Free user credit usage
• accountManagementInviteUserToOrganization - Invite user to organization
• accountManagementListOrganizationMembers - List organization members
• accountManagementRemoveOrganizationMember - Remove member from organization
• accountManagementUpdateOrganizationMember - Update a member's roles in an organization
• collectionsAggregate - Aggregate results for a search query within a collection
• collectionsCreate - Create a collection
• collectionsDelete - Delete a collection
• collectionsGet - Get a collection
• collectionsList - List collections
• collectionsListEvents - Get a collection's events
• collectionsSearch - Run a search query within a collection
• collectionsUpdate - Update a collection
• globalDataAggregate - Aggregate results for a search query
• globalDataConvertLegacySearchQueries - Convert Legacy Search queries to Platform queries
• globalDataCreateTrackedScan - Live Rescan: Initiate a new rescan
• globalDataGetCertificate - Get a certificate
• globalDataGetCertificateRaw - Get a certificate in PEM format
• globalDataGetCertificates - Retrieve multiple certificates
• globalDataGetCertificatesRaw - Retrieve multiple certificates in PEM format
• globalDataGetHost - Get a host
• globalDataGetHosts - Retrieve multiple hosts
• globalDataGetHostTimeline - Get host event history
• globalDataGetTrackedScan - Get scan status
• globalDataGetWebProperties - Retrieve multiple web properties
• globalDataGetWebProperty - Get a web property
• globalDataListServicesOnHost - Get service history for a host
• globalDataSearch - Run a search query
• threatHuntingCreateTrackedScan - Live Discovery: Initiate a new scan
• threatHuntingGetHostObservationsWithCertificate - Get host history for a certificate
• threatHuntingGetTrackedScanThreatHunting - Get scan status
• threatHuntingListThreats - List active threats
• threatHuntingValueCounts - CensEye: Retrieve value counts to discover pivots

Global Parameters

A parameter is configured globally. This parameter may be set on the SDK client instance itself during initialization. When configured as an option during SDK initialization, This global value will be used as the default on the operations that use it. When such operations are called, there is a place in each to override the global value, if needed.

For example, you can set organization_id to `` at SDK initialization and then you do not have to pass the same value on calls to operations like getOrganizationDetails. But if you want to do so you may, which will locally override the global setting. See the example code below for a demonstration.

Available Globals

The following global parameter is available.

| Name | Type | Description | | -------------- | ------ | ----------------------------- | | organizationId | string | The organizationId parameter. |

Example

import { SDK } from "@censys/platform-sdk";

const sdk = new SDK({
  organizationId: "11111111-2222-3333-4444-555555555555",
  personalAccessToken: "<YOUR_BEARER_TOKEN_HERE>",
});

async function run() {
  const result = await sdk.accountManagement.getOrganizationDetails({
    organizationId: "11111111-2222-3333-4444-555555555555",
  });

  console.log(result);
}

run();

Retries

Some of the endpoints in this SDK support retries. If you use the SDK without any configuration, it will fall back to the default retry strategy provided by the API. However, the default retry strategy can be overridden on a per-operation basis, or across the entire SDK.

To change the default retry strategy for a single API call, simply provide a retryConfig object to the call:

import { SDK } from "@censys/platform-sdk";

const sdk = new SDK({
  personalAccessToken: "<YOUR_BEARER_TOKEN_HERE>",
});

async function run() {
  const result = await sdk.accountManagement.getOrganizationDetails({
    organizationId: "11111111-2222-3333-4444-555555555555",
  }, {
    retries: {
      strategy: "backoff",
      backoff: {
        initialInterval: 1,
        maxInterval: 50,
        exponent: 1.1,
        maxElapsedTime: 100,
      },
      retryConnectionErrors: false,
    },
  });

  console.log(result);
}

run();

If you'd like to override the default retry strategy for all operations that support retries, you can provide a retryConfig at SDK initialization:

import { SDK } from "@censys/platform-sdk";

const sdk = new SDK({
  retryConfig: {
    strategy: "backoff",
    backoff: {
      initialInterval: 1,
      maxInterval: 50,
      exponent: 1.1,
      maxElapsedTime: 100,
    },
    retryConnectionErrors: false,
  },
  personalAccessToken: "<YOUR_BEARER_TOKEN_HERE>",
});

async function run() {
  const result = await sdk.accountManagement.getOrganizationDetails({
    organizationId: "11111111-2222-3333-4444-555555555555",
  });

  console.log(result);
}

run();

Error Handling

SDKBaseError is the base class for all HTTP error responses. It has the following properties:

| Property | Type | Description | | ------------------- | ---------- | --------------------------------------------------------------------------------------- | | error.message | string | Error message | | error.statusCode | number | HTTP response status code eg 404 | | error.headers | Headers | HTTP response headers | | error.body | string | HTTP body. Can be empty string if no body is returned. | | error.rawResponse | Response | Raw HTTP response | | error.data$ | | Optional. Some errors may contain structured data. See Error Classes. |

Example

import { SDK } from "@censys/platform-sdk";
import * as errors from "@censys/platform-sdk/models/errors";

const sdk = new SDK({
  personalAccessToken: "<YOUR_BEARER_TOKEN_HERE>",
});

async function run() {
  try {
    const result = await sdk.accountManagement.getOrganizationDetails({
      organizationId: "11111111-2222-3333-4444-555555555555",
    });

    console.log(result);
  } catch (error) {
    // The base class for HTTP error responses
    if (error instanceof errors.SDKBaseError) {
      console.log(error.message);
      console.log(error.statusCode);
      console.log(error.body);
      console.log(error.headers);

      // Depending on the method different errors may be thrown
      if (error instanceof errors.AuthenticationError) {
        console.log(error.data$.error); // components.AuthenticationErrorDetail
      }
    }
  }
}

run();

Error Classes

Primary errors:

• SDKBaseError: The base class for HTTP error responses.
  • ErrorModel: Generic error.
  • AuthenticationError: Request does not contain a valid Authorization token. Status code 401.

Network errors:

• ConnectionError: HTTP client was unable to make a request to a server.
• RequestTimeoutError: HTTP request timed out due to an AbortSignal signal.
• RequestAbortedError: HTTP request was aborted by the client.
• InvalidRequestError: Any input used to create a request is invalid.
• UnexpectedClientError: Unrecognised or unexpected error.

Inherit from SDKBaseError:

• ResponseValidationError: Type mismatch between the data returned from the server and the structure expected by the SDK. See error.rawValue for the raw value and error.pretty() for a nicely formatted multi-line string.

Server Selection

Override Server URL Per-Client

The default server can be overridden globally by passing a URL to the serverURL: string optional parameter when initializing the SDK client instance. For example:

import { SDK } from "@censys/platform-sdk";

const sdk = new SDK({
  serverURL: "https://api.platform.censys.io",
  personalAccessToken: "<YOUR_BEARER_TOKEN_HERE>",
});

async function run() {
  const result = await sdk.accountManagement.getOrganizationDetails({
    organizationId: "11111111-2222-3333-4444-555555555555",
  });

  console.log(result);
}

run();

Custom HTTP Client

The TypeScript SDK makes API calls using an HTTPClient that wraps the native Fetch API. This client is a thin wrapper around fetch and provides the ability to attach hooks around the request lifecycle that can be used to modify the request or handle errors and response.

The HTTPClient constructor takes an optional fetcher argument that can be used to integrate a third-party HTTP client or when writing tests to mock out the HTTP client and feed in fixtures.

The following example shows how to:

• route requests through a proxy server using undici's ProxyAgent
• use the "beforeRequest" hook to add a custom header and a timeout to requests
• use the "requestError" hook to log errors

import { SDK } from "@censys/platform-sdk";
import { ProxyAgent } from "undici";
import { HTTPClient } from "@censys/platform-sdk/lib/http";

const dispatcher = new ProxyAgent("http://proxy.example.com:8080");

const httpClient = new HTTPClient({
  // 'fetcher' takes a function that has the same signature as native 'fetch'.
  fetcher: (input, init) =>
    // 'dispatcher' is specific to undici and not part of the standard Fetch API.
    fetch(input, { ...init, dispatcher } as RequestInit),
});

httpClient.addHook("beforeRequest", (request) => {
  const nextRequest = new Request(request, {
    signal: request.signal || AbortSignal.timeout(5000)
  });

  nextRequest.headers.set("x-custom-header", "custom value");

  return nextRequest;
});

httpClient.addHook("requestError", (error, request) => {
  console.group("Request Error");
  console.log("Reason:", `${error}`);
  console.log("Endpoint:", `${request.method} ${request.url}`);
  console.groupEnd();
});

const sdk = new SDK({ httpClient: httpClient });

Authentication

Per-Client Security Schemes

This SDK supports the following security scheme globally:

| Name | Type | Scheme | | --------------------- | ---- | ----------- | | personalAccessToken | http | HTTP Bearer |

To authenticate with the API the personalAccessToken parameter must be set when initializing the SDK client instance. For example:

import { SDK } from "@censys/platform-sdk";

const sdk = new SDK({
  personalAccessToken: "<YOUR_BEARER_TOKEN_HERE>",
});

async function run() {
  const result = await sdk.accountManagement.getOrganizationDetails({
    organizationId: "11111111-2222-3333-4444-555555555555",
  });

  console.log(result);
}

run();

Debugging

You can setup your SDK to emit debug logs for SDK requests and responses.

You can pass a logger that matches console's interface as an SDK option.

[!WARNING] Beware that debug logging will reveal secrets, like API tokens in headers, in log messages printed to a console or files. It's recommended to use this feature only during local development and not in production.

import { SDK } from "@censys/platform-sdk";

const sdk = new SDK({ debugLogger: console });

Development

Maturity

This SDK is in beta, and there may be breaking changes between versions without a major version update. Therefore, we recommend pinning usage to a specific package version. This way, you can install the same version each time without breaking changes unless you are intentionally looking for the latest version.

Contributions

While we value open-source contributions to this SDK, this library is generated programmatically. Any manual changes added to internal files will be overwritten on the next generation. We look forward to hearing your feedback. Feel free to open a PR or an issue with a proof of concept and we'll do our best to include it in a future release.

SDK Created by Speakeasy