Skip to content
Go to file


Build_Status Coverage Version


NOTE: This is an OASIS TC Open Repository. See the Governance section for more information.

cti-taxii-client is a minimal client implementation for the TAXII 2.X server. It supports the following TAXII 2.X API services:

  • Server Discovery
  • Get API Root Information
  • Get Status
  • Get Collections
  • Get a Collection
  • Get Objects
  • Add Objects
  • Get an Object
  • Delete an Object (2.1 only)
  • Get Object Manifests
  • Get Object Versions (2.1 only)


The easiest way to install the TAXII client is with pip

$ pip install taxii2-client


The TAXII client is intended to be used as a Python library. There are no command line clients at this time.

taxii2-client provides four classes:

  • Server
  • ApiRoot
  • Collection
  • Status

Each can be instantiated by passing a url, and (optional) user and password arguments. The authorization information is stored in the instance, so it need not be supplied explicitly when requesting services. By default, the latest version of the supported spec will be imported. If you need a specific version you can perform the following:

from taxii2client.v21 import Server
server = Server('', user='user_id', password='user_password')

Once you have instantiated a Server object, you can get all metadata about its contents via its properties:


This will lazily load and cache the server's information in the instance:

  • api_roots
  • title
  • description
  • default (i.e. the default API root)
  • contact

You can follow references to ApiRoot objects, Collection objects, and (STIX) objects in those collections.

api_root = server.api_roots[0]
collection = api_root.collections[0]

Each ApiRoot has attributes corresponding to its meta data

  • title
  • description
  • max_content_length
  • collections

Each Collection has attributes corresponding to its meta data:

  • id
  • title
  • description
  • alias (2.1 only)
  • can_write
  • can_read
  • media_types

A Collection can also be instantiated directly:

# Performing TAXII 2.0 Requests
from taxii2client.v20 import Collection, as_pages

collection = Collection('')

# For normal (no pagination) requests

# For pagination requests.
for bundle in as_pages(collection.get_objects, per_request=50):

for manifest_resource in as_pages(collection.get_manifest, per_request=50):

# ---------------------------------------------------------------- #
# Performing TAXII 2.1 Requests
from taxii2client.v21 import Collection

collection = Collection('')

# For normal (no pagination) requests

# For pagination requests.
envelope = collection.get_objects(limit=50)
while envelope.get("more", False):
    envelope = collection.get_objects(limit=50, next=envelope.get("next", ""))

envelope = collection.get_manifest(limit=50)
while envelope.get("more", False):
    envelope = collection.get_manifest(limit=50, next=envelope.get("next", ""))

In addition to the object-specific properties and methods, all classes have a refresh() method that reloads the URL corresponding to that resource, to ensure properties have the most up-to-date values.


This GitHub public repository ( ) was created at the request of the OASIS Cyber Threat Intelligence (CTI) TC as an OASIS TC Open Repository to support development of open source resources related to Technical Committee work.

While this TC Open Repository remains associated with the sponsor TC, its development priorities, leadership, intellectual property terms, participation rules, and other matters of governance are separate and distinct from the OASIS TC Process and related policies.

All contributions made to this TC Open Repository are subject to open source license terms expressed in the BSD-3-Clause License. That license was selected as the declared "Applicable License" when the TC Open Repository was created.

As documented in "Public Participation Invited", contributions to this OASIS TC Open Repository are invited from all parties, whether affiliated with OASIS or not. Participants must have a GitHub account, but no fees or OASIS membership obligations are required. Participation is expected to be consistent with the OASIS TC Open Repository Guidelines and Procedures, the open source LICENSE designated for this particular repository, and the requirement for an Individual Contributor License Agreement that governs intellectual property.


TC Open Repository Maintainers are responsible for oversight of this project's community development activities, including evaluation of GitHub pull requests and preserving open source principles of openness and fairness. Maintainers are recognized and trusted experts who serve to implement community goals and consensus design preferences.

Initially, the associated TC members have designated one or more persons to serve as Maintainer(s); subsequently, participating community members may select additional or substitute Maintainers, per consensus agreements.

Current Maintainers of this TC Open Repository

About OASIS TC Open Repositories


Questions or comments about this TC Open Repository's activities should be composed as GitHub issues or comments. If use of an issue/comment is not possible or appropriate, questions may be directed by email to the Maintainer(s) listed above. Please send general questions about Open Repository participation to OASIS Staff at and any specific CLA-related questions to

You can’t perform that action at this time.