Use the public API workflow to perform CRUD operations on collector instances and upload SARIF files. Validate SARIF files in the tenant console before upload.
The Collector can be managed and findings can be uploaded programmatically through the Cortex Cloud API. The API is the only channel for uploading SARIF findings to the platform.
The public API supports CRUD operations on collector instances through the /public_api/appsec/v1/data_source_instances endpoint and SARIF upload through the /public_api/appsec/v1/collectors/{collectorId} endpoint. SARIF validation is not available through the public API. Validate SARIF files through the tenant workflow before uploading.
When to use the API
Use the API for automated, recurring uploads from CI/CD pipelines and for programmatic management. Use the Cortex Cloud console for initial setup and one-time configuration.
Supported operations
| Operation | Method | Endpoint | Description |
|---|---|---|---|
| Create collector | POST | | Create a new collector instance with the specified configuration. Returns the API URL and credentials. Must be used with |
| List collectors | GET | | Retrieve all collector instances. Filter by |
| Get collector | GET | | Retrieve a specific collector instance by its unique identifier |
| Update collector | PUT | | Update an existing collector configuration |
| Delete collector | DELETE | | Delete a collector instance. Invalidates the associated API credentials |
| Upload findings | POST | | Upload a SARIF file to ingest findings. Accepts |
Note
The apiUrl returned during collector creation resolves to the public upload endpoint at /public_api/appsec/v1/collectors/{collectorId}. Use the apiUrl value directly in upload requests.
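Because a pipeline sends both findings and collector credentials to whatever apiUrl it has stored, it is worth checking that value before each upload. The following is an added example, not code from the Cortex Cloud documentation: it confirms that a stored apiUrl is an HTTPS URL on the expected tenant host and matches the upload path given in the note above. The host name, the function names and the allowed collectorId character set are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Upload path documented on this page; {collectorId} is the final path segment.
UPLOAD_PREFIX = "/public_api/appsec/v1/collectors/"
# Assumption: collector IDs use only these characters. Adjust to your tenant's format.
COLLECTOR_ID_RE = re.compile(r"[A-Za-z0-9_-]+")


class UntrustedApiUrl(ValueError):
    """The stored apiUrl does not look like the documented upload endpoint."""


def collector_id_from_api_url(api_url: str, expected_host: str) -> str:
    """Return the collectorId if api_url is safe to send credentials to."""
    parts = urlsplit(api_url)
    if parts.scheme != "https":
        raise UntrustedApiUrl("apiUrl must use https")
    # Userinfo can make a URL look like it targets one host while reaching another.
    if parts.username is not None or parts.password is not None:
        raise UntrustedApiUrl("apiUrl must not contain userinfo")
    if (parts.hostname or "") != expected_host.lower():
        raise UntrustedApiUrl("apiUrl host does not match the tenant host")
    if parts.port not in (None, 443):
        raise UntrustedApiUrl("unexpected port in apiUrl")
    if parts.query or parts.fragment:
        raise UntrustedApiUrl("apiUrl must not carry a query or fragment")
    if not parts.path.startswith(UPLOAD_PREFIX):
        raise UntrustedApiUrl("apiUrl path is not the documented upload endpoint")
    collector_id = parts.path[len(UPLOAD_PREFIX):]
    # A single segment only: rejects "", "a/b", "../x" and encoded variants.
    if not COLLECTOR_ID_RE.fullmatch(collector_id):
        raise UntrustedApiUrl("collectorId segment is missing or malformed")
    return collector_id


def is_trusted_api_url(api_url: str, expected_host: str) -> bool:
    """Boolean wrapper for use as a CI gate before the upload step."""
    try:
        collector_id_from_api_url(api_url, expected_host)
        return True
    except ValueError:  # includes UntrustedApiUrl and malformed-port errors
        return False


if __name__ == "__main__":
    # Constructed sample values, not real tenant data.
    host = "api-tenant.example.com"
    url = f"https://{host}/public_api/appsec/v1/collectors/abc-123"
    print(collector_id_from_api_url(url, host))
```

Run the check in the pipeline step that precedes the upload and fail the job when it returns false.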
Refer to the Cortex Cloud API documentation for more information about APIs.