# Collect data from Abnormal Security Client API

This API is for managing threats to an organization identified by **Abnormal Security**. The organization should be integrated with Abnormal Security and enabled for real-time detection of malicious emails.

This API uses **Bearer** authentication to retrieve events through paginated API calls.

{% hint style="warning" %}
This API restricts the IPs that consumes the data from them through an IP Whitelisting mechanism. To allowlist your organization’s IPs, please enter into the Abnormal portal specific IPv4 / IPv6 addresses, or a range of addresses using a CIDR block.
{% endhint %}