Skip to main content

Cortex

Cortex is a system management tool that centralizes the oversight of services, applications, and team interactions. You can bring catalog, person, and team data from Cortex into Brinqa to streamline security processes and enhance risk assessments.

This document details the information you must provide for the connector to authenticate with Cortex and how to obtain that information from Cortex. See create a data integration for step-by-step instructions on setting up the integration.

Required connection settings

When setting up a data integration, select Cortex from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate Cortex with Brinqa:

  • Server URL: The Cortex server URL. The default URL is https://api.getcortexapp.com/.

  • API token: The Cortex API token associated with the Cortex account, which must have permissions to log in to the API server and return data.

Generate a Cortex API token

For the Cortex connector to use the Cortex API, you must provide an access token. You can use either a personal access token or an API token to retrieve data from the Cortex API.

To generate an API token, follow these steps:

  1. Log in to your organization's Cortex portal as an administrator.

    Only administrators can access the API Keys page and create API keys.

  2. Click the User Profile icon in the top-right corner and then click My Preferences from the drop-down.

  3. Click API Keys and then click Create API key.

    The Create API Key dialog displays. Complete the following fields:

    • API Key Role: Click the drop-down and select the role to determine the level of access.

      For the Cortex connector, select Viewer from the drop-down. The Viewer role is a read-only role and is considered to be the minimum role needed to read and retrieve data.

    • Description: (Optional) Provide a description for the token.

  4. Click Create API Key.

Your new API token appears. You cannot view the token after this. Copy the token and save it to a secure location.

note

If you do not have permissions to create an API token, contact your Cortex administrator. For additional information, see Cortex documentation.

To generate a new personal access token, follow these steps:

  1. Log in to your organization's Cortex portal.

  2. Click the User Profile icon in the top-right corner and then click My Preferences from the drop-down.

  3. Click Personal access tokens and then click Create new token.

    The Create personal access token dialog displays. Complete the following fields:

    • Name: Provide a name for the token.

    • Description: (Optional) Provide a description for the token.

    • Expiration date: Provide an expiry date for the token.

      Cortex personal access token dialog

  4. Click Create access token.

Your new personal access token appears. You can not view the token after this. Copy the token and save it to a secure location.

Cortex personal access tokens

note

Personal access tokens inherit the permissions of the user creating the token. At the very least, a User or Viewer role is required to retrieve data from the Cortex API. If permissions aren't sufficient to make API calls, you will receive a 403 error. For additional information, see Cortex documentation.

Types of data to retrieve

The Cortex connector can retrieve the following types of data from the Cortex API:

Table 1: Data retrieved from Cortex

Connector ObjectRequiredMaps to Data Model
CatalogNoNot mapped
PersonYesPerson
TeamYesTeam
info

For detailed steps on how to view the data retrieved from Cortex in the Brinqa Platform, see How to view your data.

Attribute mappings

Expand the sections below to view the mappings between the source and the Brinqa data model attributes.

Catalog

Table 2: Catalog attribute mappings

Source Field NameMaps to Attribute
descriptiondescription
git.aliasLocal variable
git.basepathLocal variable
git.providerLocal variable
git.repositoryLocal variable
git.repositoryUrlLocal variable
groupsLocal variable
hierarchyLocal variable
isArchivedLocal variable
lastUpdatedsourceLastModified
links.urlLocal variable
membersLocal variable
metadataLocal variable
namename
owners.individualsLocal variable
owners.teamsLocal variable
slackChannels.nameLocal variable
taguid
typetype
info

Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.

Person

Table 3: Person attribute mappings

Source Field NameMaps to Attribute
members.descriptiondescription
members.emailuid, email
members.namename
members.role.nameLocal variable
members.role.sourceLocal variable
members.role.tagLocal variable
members.role.typeLocal variable
info

Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.

Team

Table 4: Team attribute mappings

Source Field NameMaps to Attribute
catalogEntityTagLocal variable
isArchivedLocal variable
links.urlLocal variable
metadata.descriptionLocal variable
metadata.nameLocal variable
metadata.summaryLocal variable
slackChannels.channelLocal variable
teamTaguid, name
typetype
info

Local variable indicates that the field is processed within a specific context, such as a particular workflow or calculation. Unlike other attributes, local variables aren't mapped to the unified data models. They only exist on the source data model.

Operation options

The Cortex connector supports the following operation options. See connector operation options for information about how to apply them.

Table 5: Cortex connector operation options

Connector ObjectOptionAll Possible ValuesDescriptionExample
CatalogownersAny Cortex catalog owner group namesA comma-separated list of Cortex catalog owner group names. Retrieve catalogs by the specified owner group names. For additional information on owners, see Cortex documentation.Key: owners Value: jane-doe,john-doe. This key and value combination only retrieves catalogs owned by the jane-doe and john-doe owner group names.
typesAny Cortex catalog typeRetrieve catalogs by the specified type. Catalog types can include domains, resources, s3, or services. For additional information on catalogs and catalog types, see Cortex documentation.Key: types. Value: service. This key and value combination only retrieves catalogs with the service type.
note

The option keys and values are case-sensitive as they are shown in this documentation.

APIs

The Cortex connector uses the Cortex REST API v1. Specifically, it uses the following endpoints:

Table 6: Cortex API Endpoints

Connector ObjectAPI Endpoints
CatalogGET /api/v1/catalog/includeOwners=true&includeMetadata=true
PersonGET /api/v1/teams
TeamGET /api/v1/teams

Changelog

The Cortex connector has undergone the following changes:

3.0.1

  • The LINKS attribute is now retrieved on the Catalog object.

3.0.0