The disableOrganizationIocAccess() GraphQL mutation field is used to disable access to an IOC (i.e., indicators of compromise) for an organization. It requires organization manager permission.

For more information on IOC (indicator of compromise) database from CrowdStrike, see the IOC Configuration configuration page.

Syntax

Below is the syntax for the disableOrganizationIocAccess() mutation field:

graphql
disableOrganizationIocAccess(
      input: DisableOrganizationIocAccess!
   ): Organization!

Given Datatypes

For the given datatype, disableOrganizationIocAccess(), there are several parameters that may be given. Below is a list of them along with their datatypes and a description of each:

Table: DisableOrganizationIocAccess

ParameterTypeRequiredDefaultDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Sep 18, 2024
organizationIdstringyes The unique identifier of the organization for which to disable access to IOCs (indicators of compromise).

Returned Datatypes

The returned datatype organization() has its own parameters. Below is a list of them along with their datatypes and a description of each:

Table: Organization

ParameterTypeRequiredDefaultDescription
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
cidstring  The CID corresponding to the organization.
configsOrganizationConfigsyes Organization configurations and settings. See OrganizationDetails.
createdAtlong  Date organization was created.
defaultCachePolicyCachePolicy  The default cache policy of the organization. See CachePolicy. This is a preview and subject to change.
descriptionstring  The description for the Organization. Can be null.
detailsOrganizationDetailsyes Any additional details related to the organization. See OrganizationDetails.
externalGroupSynchronizationbooleanyes Whether there is group synchronization.
externalPermissionsbooleanyes Whether permissions are managed externally.
idstringyes The unique id for the Organization.
ingestUrlstring  The ingest URL for the organization.
isActionAllowedmultipleyes Check if user has a permission in organization. The datatype consists of (action: OrganizationAction): boolean. For OrganizationAction, give the action to check if a user is allowed to perform on the organization. See OrganizationAction.
limits[Limit]yes Limits assigned to the organization. See Limit.
limitsV2[LimitV2]yes Limits assigned to the organization. See LimitV2.
namestringyes The name for the Organization.
publicUrlstring  The public URL for the organization.
readonlyDashboardIPFilterstring  IP filter for readonly dashboard links.
searchDomains[SearchDomain]yes Search domains within the organization. See SearchDomain.
statsOrganizationStatsyes Statistics of the organization. See OrganizationStats.
trialStartedAtlong  Date organization's trial started.