Delete Records
Records can be deleted by an authorized user. This can be done by issuing an HTTP DELETE to /rest/<type>/<id>. Deletion can only be done by a user account with the correct privileges and not by a connection authenticated using a REST token. The Python requests module implements both HTTP Basic user auth as well as HTTP DELETE.
/rest/<type>/<id>
Syntax
https://<username>:<password>@<host>/rest/<type>/<id>
DELETE
Delete a record.
Example Python request
Delete container Id 42.requests.delete('https://192.168.1.1/rest/container/42', auth=('soar_local_admin', 'password'))
Example response
A successful DELETE will return a success message.{
"success": true
}
Example curl request
Delete the custom CEF Id 151.curl -k -u soar_local_admin:changeme https://localhost/rest/cef/151 -X DELETE
Example response
A successful DELETE will return the success message.{
"success": true
}
Failures will return a non-200 response code and JSON with "failed" = true and an appropriate "message".
Delete is only supported for the following record types:
- Apps (/rest/app/<id>)
- Artifacts (/rest/artifact/<id>)
- Assets (/rest/asset/<id>)
- CEF (/rest/cef/<id>)
- Containers (/rest/container/<id>)
- Container Attachments (vault files such as /rest/container_attachment/<id>)
- Custom Lists (/rest/decided_list/<id>)
- Roles (/rest/role/<id>)
- Workbooks (/rest/workbook_template/<id>)
Note: Custom Lists can be deleted with user or token authentication. All others require user authentication. Do not delete containers while a playbook is running against them.