get
/public_api/appsec/v1/scans/ci
CI scans detect exposed secrets, misconfigurations in your infrastructure-as-code (IaC) files, vulnerabilities in your software composition analysis (SCA) packages, and license non-compliance in your CI pipelines.
Get the details of CI scans.
How to access CI scans in the UI: Under Modules select Application Security > CI Scans (under Scans).
Required licenses: Cortex XSIAM Premium. In Cortex XSIAM Enterprise and Cortex NG SIEM, requires the Cortex Cloud Posture Management add-on. Not supported in Cortex XSIAM Enterprise Plus.
Request headers
Authorization
String
required
{api_key}
{api_key}
Example:
UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP
x-xdr-auth-id
String
required
{api_key_id}
{api_key_id}
Example:
241
Query parameters
organizationName String
Example:
organizationName_example
repositories array[String]
ciStatus ScanStatus
scanHealth ScanHealthEnum
days Double
double
Example:
1.2
Default:
7
offset Double
double
Example:
1.2
Default:
0
limit Double
double
Example:
1.2
Default:
100
CLIENT REQUEST
curl -X 'GET'
-H
'Accept: application/json'
-H
'Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
-H
'x-xdr-auth-id: 241'
'https://api-yourfqdn/public_api/appsec/v1/scans/ci?organizationName=organizationName_example&repositories=&ciStatus=&scanHealth=&days=1.2&offset=1.2&limit=1.2'
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
headers = {
'Authorization': "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
'x-xdr-auth-id': "241"
}
conn.request("GET", "/public_api/appsec/v1/scans/ci?organizationName=SOME_STRING_VALUE&repositories=SOME_ARRAY_VALUE&ciStatus=SOME_STRING_VALUE&scanHealth=SOME_STRING_VALUE&days=SOME_NUMBER_VALUE&offset=SOME_NUMBER_VALUE&limit=SOME_NUMBER_VALUE", headers=headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/appsec/v1/scans/ci?organizationName=SOME_STRING_VALUE&repositories=SOME_ARRAY_VALUE&ciStatus=SOME_STRING_VALUE&scanHealth=SOME_STRING_VALUE&days=SOME_NUMBER_VALUE&offset=SOME_NUMBER_VALUE&limit=SOME_NUMBER_VALUE")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
request["x-xdr-auth-id"] = '241'
response = http.request(request)
puts response.read_bodyconst data = null;
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("GET", "https://api-yourfqdn/public_api/appsec/v1/scans/ci?organizationName=SOME_STRING_VALUE&repositories=SOME_ARRAY_VALUE&ciStatus=SOME_STRING_VALUE&scanHealth=SOME_STRING_VALUE&days=SOME_NUMBER_VALUE&offset=SOME_NUMBER_VALUE&limit=SOME_NUMBER_VALUE");
xhr.setRequestHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
xhr.setRequestHeader("x-xdr-auth-id", "241");
xhr.send(data);HttpResponse<String> response = Unirest.get("https://api-yourfqdn/public_api/appsec/v1/scans/ci?organizationName=SOME_STRING_VALUE&repositories=SOME_ARRAY_VALUE&ciStatus=SOME_STRING_VALUE&scanHealth=SOME_STRING_VALUE&days=SOME_NUMBER_VALUE&offset=SOME_NUMBER_VALUE&limit=SOME_NUMBER_VALUE")
.header("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ")
.header("x-xdr-auth-id", "241")
.asString();import Foundation
let headers = [
"Authorization": "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"x-xdr-auth-id": "241"
]
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/appsec/v1/scans/ci?organizationName=SOME_STRING_VALUE&repositories=SOME_ARRAY_VALUE&ciStatus=SOME_STRING_VALUE&scanHealth=SOME_STRING_VALUE&days=SOME_NUMBER_VALUE&offset=SOME_NUMBER_VALUE&limit=SOME_NUMBER_VALUE")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "GET"
request.allHTTPHeaderFields = headers
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/appsec/v1/scans/ci?organizationName=SOME_STRING_VALUE&repositories=SOME_ARRAY_VALUE&ciStatus=SOME_STRING_VALUE&scanHealth=SOME_STRING_VALUE&days=SOME_NUMBER_VALUE&offset=SOME_NUMBER_VALUE&limit=SOME_NUMBER_VALUE",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"x-xdr-auth-id: 241"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "GET");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/appsec/v1/scans/ci?organizationName=SOME_STRING_VALUE&repositories=SOME_ARRAY_VALUE&ciStatus=SOME_STRING_VALUE&scanHealth=SOME_STRING_VALUE&days=SOME_NUMBER_VALUE&offset=SOME_NUMBER_VALUE&limit=SOME_NUMBER_VALUE");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
headers = curl_slist_append(headers, "x-xdr-auth-id: 241");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/appsec/v1/scans/ci?organizationName=SOME_STRING_VALUE&repositories=SOME_ARRAY_VALUE&ciStatus=SOME_STRING_VALUE&scanHealth=SOME_STRING_VALUE&days=SOME_NUMBER_VALUE&offset=SOME_NUMBER_VALUE&limit=SOME_NUMBER_VALUE");
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
request.AddHeader("x-xdr-auth-id", "241");
IRestResponse response = client.Execute(request);Responses
Ok
Body
application/json
[issuesFoundobject
Additional propertiesnumberdouble
findingsSeverityBreakdownobject
Additional propertiesnumberdouble
findingsTypesBreakdownobject
Additional propertiesnumberdouble
issuesTypesBreakdownobject
Additional propertiesnumberdouble
repositoryIdstring
integrationIdstring
scanIdstring
providerstring
blockingPolicyNamestring
blockingPolicyIdstring
ciStatusstring (Enum)
scanHealthstring (Enum)
scanDatestring
branchNamestring
organizationNamestring
repoNamestring
]
issuesFoundobject
Additional propertiesnumberdouble
findingsSeverityBreakdownobject
Additional propertiesnumberdouble
findingsTypesBreakdownobject
Additional propertiesnumberdouble
issuesTypesBreakdownobject
Additional propertiesnumberdouble
repositoryIdstringID of the scanned repository
ID of the scanned repository
integrationIdstring
scanIdstring
providerstring
blockingPolicyNamestring
blockingPolicyIdstring
ciStatusstring (Enum)Status of the PR scan. Valid values include:
PASSEDPASSED_WITH_ISSUESBLOCKEDIN_PROGRESSERRORFAILED
Status of the PR scan. Valid values include:
PASSEDPASSED_WITH_ISSUESBLOCKEDIN_PROGRESSERRORFAILED
Allowed values:"ERROR""FAILED""IN_PROGRESS""PASSED""PASSED_WITH_ISSUES"
scanHealthstring (Enum)The health of the scan. Valid values include:
ERROR: Indicates an error with the scanPARTIALLY_COMPLETED: Indicates that the scan executed partially with some scan modules succeeded and others failingIN_PROGRESS: The scan is in progressCOMPLETED: Indicates that the scan is complete
The health of the scan. Valid values include:
ERROR: Indicates an error with the scanPARTIALLY_COMPLETED: Indicates that the scan executed partially with some scan modules succeeded and others failingIN_PROGRESS: The scan is in progressCOMPLETED: Indicates that the scan is complete
Allowed values:"COMPLETED""ERROR""PARTIALLY_COMPLETED""IN_PROGRESS"
scanDatestringThe timestamp of the last scan execution
The timestamp of the last scan execution
branchNamestringThe name of the branch analyzed during the scan
The name of the branch analyzed during the scan
organizationNamestringName of the organization owning the repository
Name of the organization owning the repository
repoNamestringName of the scanned repository
Name of the scanned repository
RESPONSE
[
{
"issuesFound": {},
"findingsSeverityBreakdown": {},
"findingsTypesBreakdown": {},
"issuesTypesBreakdown": {},
"repositoryId": "example",
"integrationId": "example",
"scanId": "example",
"provider": "example",
"blockingPolicyName": "example",
"blockingPolicyId": "example",
"ciStatus": "ERROR",
"scanHealth": "COMPLETED",
"scanDate": "example",
"branchName": "example",
"organizationName": "example",
"repoName": "example"
}
]