Topics Map > Help and Training
Topics Map > Safety and Security
Cybersecurity, Endpoint and Data Stores Documentation Examples
About Endpoint and Data Stores Documentation
The purpose of this document is to provide guidance and examples on how to properly document API endpoints and data stores.
Properly documenting endpoints and data stores is expected and helps comply with the IT-08 Development Process Standard IT-08.4.1.
In many cases a text table located in
README.md in the code repository will suffice.
Example Endpoint Documentation
The documentation for an application should include a list of endpoints the application uses and their purposes.
Recording additional fields can assist during routine maintenance or when responding to a cybersecurity incident.
|https://ldap.example.illinois.edu/api/v2/||LDAP||User lookup||Prod||Read Only|
|https://chatbot.example.illinois.edu/rest/api/2/||JSON REST API||Chat Bot Notification||Prod||Read/Write|
|https://ticketing-test.example.illinois.edu/ticket/v3/||XML API||Ticketing - Testing||Test||Read/Write|
Example Data Store Documentation
The record for the data stores should list the highest data sensitivity of any data in that data store.
|Data Store||Data Type||Sensitivity||Notes|
|ICSDB||MySQL DB||Public||Read Only - For finding and comparing local ice cream shops|
|HeavyRock DB||MongoDB||Internal||Read Only - A list of potential rocks to send through the mail|
|WatcherDB||MySQL DB||High Risk||Read Only - For observing the universe. High sensitivity because it knows all and sees all.|