We're excited to announce the general availability of the Sophos Mobile API. This API lets customers manage their devices enrolled with Sophos Mobile, and is particularly useful for customers who want to integrate with existing workflows or 3rd party tools.
Using the API
Sophos Central admins must set up API credentials to use the Sophos Mobile API. For details on setting up API credentials please see the Getting Started guide. Customers can then use tools such as Postman or curl to run API commands.
Once set up, admins can query for information about mobile devices and perform actions. This includes details such as listing device users, the last time a device synced, the OS version or compliance status. Admins can trigger a sync command to devices as well as sending a message to a user.
Examples
Device details
To get information about a tenant's mobile devices, use:
GET /mobile/v1/devices?pageTotal=true
This returns details like the below:
{"items": [{"id": "dd40830b-b103-4f9a-ae02-bbf0d792466d", //ID of the mobile device"tenant": {"id": "b8a75c7d-7492-4009-9f95-8c815551dc55" //Tenant of the mobile device},"name": "AAA Chrome Work", //Name of the mobile device"email": "user@example.com", //Associated email of the mobile device"healthState": {"state": "amber", //Health statuts of the mobile device"mode": "automatic" //Whether the health status is set by Sophos Mobile based on the device's compliance or manually set by the admin.},"ownershipType": "corporate", //The device owner. "corporate" for devices owned by your organization, "personal" for devices owned by the user."lastSeenAt": "2024-10-24T05:35:30.000Z", //The last timestamp when the device connected to Sophos Mobile"ixmAppLastSeenAt": "2024-10-24T05:35:30.000Z", //The last timestamp when the IXM app connected to Sophos Mobile"compliance": {"compliant": false, //The device isn't compliant"severity": "high" //The severity of the compliance violation. Here, "High".},"managementType": "chromeSecurity", //The device's management mode. Here, Sophos Chrome Security."managedState": "managed", //The device's management status. Here, "Managed"."os": {"id": "4e880043-3206-4166-ab0b-3d9bf2a60196", //The ID of the device's operating system."name": "Chrome 129", //The name of the device's operating system."platform": "chrome" //The device platform.}}],"pages": {"current": 1, //The current page"size": 50, //The number of items on a page. You can change this value with the pageSize=<int_value> query parameter."total": 1, //The total number of pages"items": 1, //The total number of items on all pages"maxSize": 500 //The maximum allowed page size for the pageSize query parameter.}}
Run a scan
Intercept X for Mobile scans Android devices for malware. To trigger a malware scan use:
POST /mobile/v1/actions/scan
In the request include the devices to be scanned:
{"endpoints": [ //A list of endpoints which should execute a scan"dd40830b-b103-4f9a-ae02-bbf0d792466d","e7e88612-d9b1-4e2f-b248-f2fad48579e4"]}
The below response is seen:
{"created": [{"id": "ec09add5-a752-4b6e-b1b6-b89000252edb", //The unique ID of the action"tenant": {"id": "b8a75c7d-7492-4009-9f95-8c815551dc55" //Tenant of the mobile device},"device": {"id": "dd40830b-b103-4f9a-ae02-bbf0d792466d", //The ID of the mobile device"name": "My Android Device"},"type": "scan", //The requested action"state": "accepted" //The processing status of the action}],"errors": {"failedToCreate": {"endpointNotFound": [ //Endpoints that were unknown to Sophos Mobile and therefore didn't receive the action"e7e88612-d9b1-4e2f-b248-f2fad48579e4"]}}}
The Sophos Developer page is in the process of being updated to explain the full details of all Mobile API commands.