> For the complete documentation index, see [llms.txt](https://doc.keepnetlabs.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://doc.keepnetlabs.com/api-reference/reseller/companies/scope-api-requests-to-customer.md). # Scope API requests to a customer As a Reseller you manage multiple customer companies. Most list/report endpoints return data for **all** companies you manage. To get or change data for **one specific customer**, send that customer’s Company ID in the request. This page explains how Reseller scope works and where to pass Company ID. *** ## POST /api/companies/search Get the customer's Company ID. Use the `resourceId` of the desired company as `X-KEEPNET-Company-Id` in scoped requests. > Retrieves a paginated list of all companies you manage with license details. Each item includes `resourceId` — use it as the Company ID for scoped requests. **Test it:** Authorize with Client ID/Secret, then Send — request body is pre-filled. {% openapi src="/files/YqgEnchxXuSVklhH9GGT" path="/api/companies/search" method="post" expanded="true" %} [keepnet-api-spec.json](https://3453589210-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F-LMcQ_WCXOrHv3r05ae5%2Fuploads%2Fgit-blob-31c738c1a6bb3d2911bd3730c780d6ad7fa6bbad%2Fkeepnet-api-spec.json?alt=media) {% endopenapi %} From the response, pick the company and note its `resourceId`. Use that value as `X-KEEPNET-Company-Id` or `companyId` in the endpoints listed under "Where to use Company ID" below. *** ## How Reseller scope works * **Without Company ID:** Endpoints such as `POST /api/companies/search` and `GET /api/companies/my` return data for every company you (the Reseller) manage. * **With Company ID:** To limit results or actions to a single customer (e.g. training report, phishing campaigns, target users), send the customer’s Company ID so the API scopes the response or operation to that company. *** ## How to send Company ID Use one of these: * **Header (recommended):** `X-KEEPNET-Company-Id: ` * **Query:** `?companyId=` * **Path:** Some endpoints use `{companyId}` or `{resourceId}` in the path (e.g. `GET /api/companies/{resourceId}`). Obtain customer Company IDs from [List companies with license details →](/api-reference/reseller/companies/list-companies-with-license-details.md) (`POST /api/companies/search`). The response includes `resourceId` per company — use that as `X-KEEPNET-Company-Id` or `companyId`. Use dummy/placeholder IDs in examples (H8d). *** ## Where to use Company ID * **Reports:** Training, phishing, gamification, executive summaries, audit logs — pass Company ID to get that customer’s data. [View customer's enrollment list and report →](/api-reference/reseller/training/view-customer-enrollment-list-and-report.md), [View customer's enrollment sending, certificates, and notifications →](/api-reference/reseller/training/view-customer-enrollment-sending-certificates-notifications.md), [View customer's campaign list and report →](/api-reference/reseller/phishing-simulation/view-customer-simulation-campaign-list-and-report.md), [Pull executive report data for a customer →](/api-reference/reseller/reports/pull-executive-report-data-for-customer.md). Endpoint details: see **Endpoints** in the API Reference sidebar (TrainingReport, PhishingCampaign, ExecutiveReport, etc.). * **Company & Users:** Add target users, target groups, enroll users in training, manage system users, set up SCIM — use Company ID to scope the operation to one customer. [Add target users for a customer →](/api-reference/reseller/users-and-groups/add-target-users-for-customer.md), [List or export target users for a customer →](/api-reference/reseller/users-and-groups/list-or-export-target-users-for-customer.md), [List and create target groups for a customer →](/api-reference/reseller/users-and-groups/list-and-create-target-groups-for-customer.md), [Set up SCIM for a customer →](/api-reference/reseller/users-and-groups/set-up-scim-for-customer.md), [Add system user for a customer →](/api-reference/reseller/users-and-groups/add-system-user-for-customer.md), [Create a REST API client for a customer →](/api-reference/reseller/companies/create-rest-api-client-for-customer.md). To create a new company (onboard): [Create a company →](/api-reference/reseller/companies/onboard-new-customer.md). To get, update, or delete a company: [Get a company →](/api-reference/reseller/companies/get-a-company.md), [Update a company →](/api-reference/reseller/companies/update-a-company.md), [Delete a company →](/api-reference/reseller/companies/delete-a-company.md). * **Phishing simulation:** List scenarios and create/start campaigns for a customer. [List phishing scenarios for a customer →](/api-reference/reseller/phishing-simulation/list-phishing-scenarios-for-customer.md), [Create and start phishing campaign for a customer →](/api-reference/reseller/phishing-simulation/create-and-start-phishing-campaign-for-customer.md). {% hint style="info" %} **Quickstart:** Company ID usage is summarized in the [Quickstart →](/api-reference/quickstart.md) under “Reseller: scope by Company ID”. {% endhint %} *** ## Common errors * **403 Forbidden** — Credential is not Reseller, or the Company ID is not one you manage. Set Client Role = **Reseller**. [Roles and permissions →](/next-generation-product/platform/company/system-users/user-roles.md) * **401 Unauthorized** — Missing or invalid token. Request a new token via `POST /connect/token`. * **404 Not Found** — Invalid or unknown Company ID. Verify from `POST /api/companies/search`. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://doc.keepnetlabs.com/api-reference/reseller/companies/scope-api-requests-to-customer.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.