For Agents
Manage monitored companies in Black Kite, pull cyber risk scores and trends, and generate vendor risk reports. Useful for agents that automate third-party risk monitoring.
Get started with Black Kite API in minutes using your preferred integration method.
# Add to your MCP client config (Claude Desktop, Cursor, Windsurf)
{
"jentic": {
"url": "https://api.jentic.com/mcp",
"auth": "oauth"
}
}
# Then ask your agent:
"get the cyber risk summary for a monitored company"
# → Jentic returns the GET /events tool with parameter schema, agent executes.What an agent can do with Black Kite API API.
Add, list, and remove companies in the Black Kite monitoring catalogue
Pull a company's technical, compliance, and financial risk score summary
Track monthly technical and financial risk trends per monitored company
Generate, poll, and download Black Kite company risk reports on demand
GET STARTED
Use for: Add a new vendor for Black Kite monitoring, Get the cyber risk summary for a monitored company, Retrieve the monthly technical risk trend for a vendor, Generate a Black Kite report for a third party
Not supported: Does not handle internal vulnerability scanning, endpoint protection, or SIEM ingestion — use for third-party cyber, compliance, and financial risk monitoring only.
The Black Kite API is the programmatic surface of Black Kite's cyber risk intelligence platform, used to assess third-party and supply chain risk from technical, compliance, and financial perspectives. It exposes operations to manage the catalogue of monitored companies and their attack-surface assets (domains, subdomains, IPs, IP blocks, ASNs, cloud associations), pull risk score summaries and monthly trends, and generate or download company risk reports. The published rate limit is 60 requests per minute.
Inspect attack-surface assets per company — domains, subdomains, IPs, ASNs, cloud associations
Search the company catalogue with structured filters before drilling into details
Patterns agents use Black Kite API API for, with concrete tasks.
★ Third-Party Vendor Onboarding Risk Check
When procurement onboards a new supplier, the integration calls POST /api/v2/companies to add the vendor to the Black Kite watchlist, then GET /api/v2/companies/{id}/summary to pull the initial risk scores. Procurement and security review the technical, compliance, and financial dimensions before the contract is signed. Repeat the call monthly to detect drift.
Call POST /api/v2/companies with the new vendor name and primary domain, wait for the initial scan, then call GET /api/v2/companies/{id}/summary and report the technical and compliance scores.
Supply Chain Risk Monitoring Dashboard
Build a monitoring dashboard that pulls GET /api/v2/companies/{id}/trend/technical and /trend/financial for every monitored vendor on a monthly cadence. The dashboard highlights vendors whose technical or financial risk worsened month over month, which feeds the security and procurement risk reviews. Black Kite's 60 rpm limit is comfortable for portfolios in the low hundreds.
Iterate the company list from GET /api/v2/companies, call /trend/technical and /trend/financial for each, and emit a list of vendors with month-over-month deterioration above 5 points.
Automated Risk Report Generation
Compliance teams trigger a Black Kite report on a vendor, wait for it to be ready, and store the PDF or download link in their GRC system. The flow is POST /api/v2/companies/{id}/report-generate, poll GET /api/v2/companies/{id}/report-status, then GET /api/v2/companies/{id}/report-download or /report/{type}. This replaces the manual click-through in the Black Kite UI.
Call POST /api/v2/companies/{id}/report-generate, poll /report-status until done, then GET /report-download and store the link in the GRC system of record.
Attack Surface Inventory Sync
Sync the Black Kite-attributed assets for a vendor — domains, subdomains, IPs, IP blocks, ASNs, and cloud associations — into the in-house CMDB or ASM tool. Use the per-company asset endpoints (e.g. /api/v2/companies/{id}/domains, /subdomains, /ips, /ipblocks, /asn) to enumerate and reconcile differences. PATCH endpoints let the team mark false positives.
For a given vendor id, call GET /api/v2/companies/{id}/domains and /subdomains, diff against the CMDB, and PATCH the status of any asset the team has marked invalid.
Agent-Driven Vendor Risk Lookup via Jentic
An AI agent supporting the security team gets a question like 'what's the current cyber risk score for Acme Inc?' and uses Jentic to find the Black Kite summary operation. Jentic returns the schema, the agent calls /api/v2/companies/{id}/summary, and answers with the technical, compliance, and financial scores. The Black Kite OAuth credentials never enter the agent's prompt.
Use Jentic search for 'get the cyber risk summary for a monitored company', load the schema, then execute GET /api/v2/companies/{id}/summary and return the headline scores.
37 endpoints — the black kite api is the programmatic surface of black kite's cyber risk intelligence platform, used to assess third-party and supply chain risk from technical, compliance, and financial perspectives.
METHOD
PATH
DESCRIPTION
/api/v2/companies
List monitored companies
/api/v2/companies
Add a company for monitoring
/api/v2/companies/{id}/summary
Get company risk score summary
/api/v2/companies/{id}/trend/technical
Monthly technical risk trend
/api/v2/companies/{id}/report-generate
Generate a company report
/api/v2/companies/{id}/report-download
Download a generated report
/api/v2/companies/{id}/domains
List domains attributed to a company
/api/v2/companies
List monitored companies
/api/v2/companies
Add a company for monitoring
/api/v2/companies/{id}/summary
Get company risk score summary
/api/v2/companies/{id}/trend/technical
Monthly technical risk trend
/api/v2/companies/{id}/report-generate
Generate a company report
Three things that make agents converge on Jentic-routed access.
Credential isolation
Black Kite uses OAuth 2.0 client credentials. Jentic stores the client id and secret in the encrypted vault, mints and rotates short-lived bearer tokens, and exposes only a scoped Jentic token to the agent. This is important because the same OAuth client typically grants access to the entire monitored portfolio.
Intent-based discovery
Agents search Jentic with intents like 'get the cyber risk summary for a monitored company' or 'generate a Black Kite report' and Jentic returns the matching operation from the 37-endpoint spec with its input schema and OAuth requirements.
Time to first call
Direct integration: 2-3 days to wire OAuth client_credentials flow, the report-generation polling loop, and pagination. Through Jentic: under 2 hours — search, load schema, execute, with the OAuth lifecycle handled inside Jentic.
Alternatives and complements available in the Jentic catalogue.
Blackfire API
Blackfire monitors application performance while Black Kite monitors third-party cyber risk — both feed SRE and security dashboards.
Pair them for an SRE dashboard that needs both performance health and external risk posture.
Bitstamp API
Bitstamp pricing combined with Black Kite vendor risk supports financial-risk overlays on supplier portfolios.
Useful in fintech where supplier financial risk is correlated with market data.
BlazeMeter
BlazeMeter handles load testing while Black Kite handles vendor cyber risk — complementary in pre-launch readiness.
Use them together for vendor go-live readiness checks combining performance and security signals.
Specific to using Black Kite API API through Jentic.
What authentication does the Black Kite API use?
OAuth 2.0 with the client_credentials flow. Tokens are issued from https://app.blackkitetech.com/oauth/token. Through Jentic the OAuth client id and secret are stored in the encrypted vault, Jentic mints and rotates the bearer token, and the agent receives a scoped Jentic token instead of the raw client credentials.
Can I add a vendor for monitoring with the Black Kite API?
Yes. POST /api/v2/companies adds a company to your monitored catalogue. Once added, GET /api/v2/companies/{id}/summary returns the technical, compliance, and financial risk scores after the initial scan completes.
What are the rate limits for the Black Kite API?
60 requests per minute, as documented in the API description. For portfolio sweeps over more than a few dozen companies, throttle the loop or use the bulk-style search endpoint POST /api/v2/companies/search to reduce call counts.
How do I generate and download a Black Kite report through Jentic?
Install with pip install jentic, then use Jentic search with 'generate a Black Kite report for a third party'. Jentic resolves the three-step flow: POST /api/v2/companies/{id}/report-generate, poll /report-status, then GET /report-download. The OAuth token is managed inside Jentic.
Can I see the attack-surface assets attributed to a vendor?
Yes. Per-company endpoints like GET /api/v2/companies/{id}/domains, /subdomains, /ips, /ipblocks, /asn, and /clouds expose the assets Black Kite has attributed. PATCH variants let you correct false positives.
Is the Black Kite API free?
No. Black Kite is a paid platform — API access is included with active subscriptions. There is no public free tier; OAuth client credentials are issued to customer accounts only.
/api/v2/companies/{id}/report-download
Download a generated report
/api/v2/companies/{id}/domains
List domains attributed to a company