The reporting API provides a feed for all user request activity within the Browser/Email and URL Isolation products. For each entry within the API, the result contains a URL with an associated classification and disposition. The available dispositions are: EXIT_ISOLATION – User exited Isolation. BLOCK – Isolation blocked the URL. ALLOW – Isolation allows the URL to be displayed. BLOCK_DOWNLOAD - Isolation blocked a download attempt. BLOCK_UPLOAD - Isolation blocked an upload attempt. BLOCK_IFRAME - Isolation blocked the URL from being displayed inside the iFrame. ALLOW_DOWNLOAD - Isolation allowed a download. ALLOW_UPLOAD - Isolation allowed an upload. ALLOW_IFRAME - Isolation allowed the URL to be displayed inside the iFrame. The available classifications are: USER – Action performed by a user. MALWARE – Classified as malware. CONTENT_FILTERING – Classified as URL defined as should block in the content filtering configuration. PHISH – Classified as a phishing URL. BLOCKED_BY_POLICY – Classified as should be blocked by the policy defined in the Mail security product (valid only in URL isolation). DLP - Blocked by DLP policy. API Endpoints: Web Isolation URI: https://proofpointisolation.com/api/v2/reporting/usage-data URL Isolation URI: https://urlisolation.com/api/v2/reporting/usage-data