Third Parties enabling APIs v1

The SPHINX Application Programming Interface (API) for Third Parties (S-API) enables third-party solution providers to access and interact with the SPHINX Platform and its components. Subject to authentication, authorisation and using end-to-end encryption, S-API exposes advanced cybersecurity functionalities implemented by the SPHINX components, such as device/application certification, threat registry notification and anomaly detection. S-API therefore brings to SPHINX an easy integration with external components and the possibility for third-parties to extend existing SPHINX functionalities and incorporate additional functions. S-API also brings additional exploitation opportunities related with third-party’s services.

This document presents the detailed design for the SPHINX S-API component, following the component’s introduction in the SPHINX architecture deliverable (D2.6 - SPHINX Architecture v2) [1]. It extends the technical specifications defined in [1] with the specific requirements for the component’s development, addressing its specificities, as well as interface specifications between S-API and the SPHINX components and third-parties. Importantly, it describes S-API interactions with third-parties and SPHINX services, which serve as a basis for the technical implementation of the S-API component in SPHINX.