TAXII 2.1 Server Overview
  • 21 Mar 2024
  • 1 Minute to read
  • Dark

TAXII 2.1 Server Overview

  • Dark

Article Summary


The ThreatConnect® TAXII™ 2.1 server, which operates via a ThreatConnect Service App, can be used by an external TAXII client to retrieve data from your Organization and any Communities or Sources to which you have access. To connect to the ThreatConnect TAXII 2.1 server, the external TAXII client will require login credentials (username and password), which are configured by creating a TAXII user.

The ThreatConnect TAXII 2.1 server supports Status, Collections, Manifest, and Objects requests. The latest version of TAXII 2.1 documentation is available at

The articles in this section cover using the TAXII 2.1 server in ThreatConnect. For information on using the TAXII 1.server in ThreatConnect, see Using the ThreatConnect TAXII Server.

Before You Start

Minimum Role(s)
  • System role of Administrator to install the ThreatConnect TAXII Server Service App, configure the corresponding Service, and, if needed, set the TAXII User Limit for your Organization 
  • Organization role of Organization Administrator to create the TAXII user that will use the App
  • Playbooks enabled by a System Administrator
  • Your Organization’s TAXII User Limit must be set to a value greater than zero
  • A TAXII user account is required to retrieve data from the ThreatConnect TAXII 2.1 server

ThreatConnect® is a registered trademark of ThreatConnect, Inc.
TAXII™ is a trademark of The MITRE Corporation.

20103-01 v.05.A

Was this article helpful?