Returns a list of unique repository users who are considered active contributors for billing calculations.
An active contributor is defined as a unique (by email), non-bot human user who has committed code within the last 90 days to a billable, non-archived repository that has at least one security scanner enabled.
Note: You must have the Instance Administrator permissions to run this endpoint.
Required license:
Cortex XSIAM Premium. In Cortex XSIAM Enterprise and Cortex NG SIEM, requires the Cortex Cloud Posture Management add-on. Not supported in XSIAM Enterprise Plus.
Authorization
String
required
{api_key}
{api_key}
your_api_key_here
x-xdr-auth-id
String
required
{api_key_id}
{api_key_id}
1
curl -X 'GET'
-H
'Accept: application/json'
-H
'Authorization: your_api_key_here'
-H
'x-xdr-auth-id: 1'
'https://api-yourfqdn/public_api/appsec/v1/billing/contributors'
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
headers = {
'Authorization': "your_api_key_here",
'x-xdr-auth-id': "1"
}
conn.request("GET", "/public_api/appsec/v1/billing/contributors", headers=headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/appsec/v1/billing/contributors")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'your_api_key_here'
request["x-xdr-auth-id"] = '1'
response = http.request(request)
puts response.read_bodyconst data = null;
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("GET", "https://api-yourfqdn/public_api/appsec/v1/billing/contributors");
xhr.setRequestHeader("Authorization", "your_api_key_here");
xhr.setRequestHeader("x-xdr-auth-id", "1");
xhr.send(data);HttpResponse<String> response = Unirest.get("https://api-yourfqdn/public_api/appsec/v1/billing/contributors")
.header("Authorization", "your_api_key_here")
.header("x-xdr-auth-id", "1")
.asString();import Foundation
let headers = [
"Authorization": "your_api_key_here",
"x-xdr-auth-id": "1"
]
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/appsec/v1/billing/contributors")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "GET"
request.allHTTPHeaderFields = headers
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/appsec/v1/billing/contributors",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: your_api_key_here",
"x-xdr-auth-id: 1"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "GET");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/appsec/v1/billing/contributors");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: your_api_key_here");
headers = curl_slist_append(headers, "x-xdr-auth-id: 1");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/appsec/v1/billing/contributors");
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", "your_api_key_here");
request.AddHeader("x-xdr-auth-id", "1");
IRestResponse response = client.Execute(request);Ok
lastCommitDatestringThe date and time of the user's most recent commit. Used to determine contributor activity.
Note: Only users who committed within the last 90 days are considered active contributors for billing.
The date and time of the user's most recent commit. Used to determine contributor activity. Note: Only users who committed within the last 90 days are considered active contributors for billing.
"2025-02-15T10:30:00.000Z"namestringrequiredThe display name of the repository user.
The display name of the repository user.
"Jane Doe"userNamestringThe username of the repository user on the VCS platform.
The username of the repository user on the VCS platform.
"janedoe"emailstringrequiredThe email address associated with the user. This value is used to uniquely identify contributors across repositories. Emails associated with bots or automated accounts (for example, action@github.com or *@users.noreply.github.com) are excluded.
The email address associated with the user. This value is used to uniquely identify contributors across repositories. Emails associated with bots or automated accounts (for example, action@github.com or *@users.noreply.github.com) are excluded.
"janedoe@example.com"repositoryIdstringrequiredThe unique identifier of the repository associated with the user. The repository must be billable (not archived and with at least one security scanner enabled).
The unique identifier of the repository associated with the user. The repository must be billable (not archived and with at least one security scanner enabled).
"a1b2c3d4e5f6a7b8c9d0e1f2"creationDatestringrequiredThe date and time when the user record was created in the system.
The date and time when the user record was created in the system.
"2025-06-01T08:00:00.000Z"rolestring (Enum)The permission level of the user within the repository.
The permission level of the user within the repository.
"WRITE"hasMfabooleanIndicates whether the user has multi-factor authentication (MFA) enabled on their VCS account.
Indicates whether the user has multi-factor authentication (MFA) enabled on their VCS account.
trueteamsarray[string]The names of the teams in the VCS organization that the user belongs to.
The names of the teams in the VCS organization that the user belongs to.
["backend-team","security-team"]isGuestbooleanIndicates whether the user is a guest (external collaborator) in the repository.
Indicates whether the user is a guest (external collaborator) in the repository.
isContributorbooleanIndicates whether the user is an active contributor.
Indicates whether the user is an active contributor.
trueisAdminbooleanIndicates whether the user has admin permissions for the repository.
Indicates whether the user has admin permissions for the repository.
emailOriginstring (Enum)The source from which the user's email address was obtained.
The source from which the user's email address was obtained.
"GIT"uniqueVcsIdstringA unique identifier assigned to the user by the VCS platform. Used to correlate the user across repositories and systems.
A unique identifier assigned to the user by the VCS platform. Used to correlate the user across repositories and systems.
"vcs-user-67890"[
{
"name": "Jane Doe",
"userName": "janedoe",
"email": "janedoe@example.com",
"repositoryId": "a1b2c3d4e5f6a7b8c9d0e1f2a",
"creationDate": "2025-06-01T08:00:00.000Z",
"lastCommitDate": "2025-02-15T10:30:00.000Z",
"role": "WRITE",
"hasMfa": true,
"teams": [
"backend-team",
"security-team"
],
"isGuest": false,
"isContributor": true,
"isAdmin": false,
"emailOrigin": "GIT",
"uniqueVcsId": "vcs-user-67890"
},
{
"name": "John Smith",
"userName": "johnsmith",
"email": "johnsmith@example.com",
"repositoryId": "repo-xyz-67890",
"creationDate": "2025-03-15T12:00:00.000Z",
"lastCommitDate": "2025-01-20T14:45:00.000Z",
"role": "DEVELOPER",
"hasMfa": false,
"teams": [
"frontend-team"
],
"isGuest": false,
"isContributor": true,
"isAdmin": false,
"emailOrigin": "API",
"uniqueVcsId": "vcs-user-11223"
}
]Bad Request - The request was malformed or contains invalid parameters.
replyobject
err_codeintegerThe HTTP status code of the error.
The HTTP status code of the error.
err_msgstringA short description of the error type.
A short description of the error type.
err_extrastringA detailed message explaining the cause of the error.
A detailed message explaining the cause of the error.
{
"reply": {
"err_code": 0,
"err_msg": "example",
"err_extra": "example"
}
}Unauthorized - The request is unauthenticated. Pass the correct auth credentials.
replyobject
err_codeintegerThe HTTP status code of the error.
The HTTP status code of the error.
err_msgstringA short description of the error type.
A short description of the error type.
err_extrastringA detailed message explaining the cause of the error.
A detailed message explaining the cause of the error.
{
"reply": {
"err_code": 401,
"err_msg": "Public API request unauthorized",
"err_extra": null
}
}Forbidden - Access to the resource is prohibited. Try with different auth credentials.
replyobject
err_codeintegerThe HTTP status code of the error.
The HTTP status code of the error.
err_msgstringA short description of the error type.
A short description of the error type.
err_extrastringA detailed message explaining the cause of the error.
A detailed message explaining the cause of the error.
{
"reply": {
"err_code": 403,
"err_msg": "Forbidden. Access was denied to this resource.",
"err_extra": "Insufficient permissions for api key"
}
}Not Found - The requested resource could not be found.
replyobject
err_codeintegerThe HTTP status code of the error.
The HTTP status code of the error.
err_msgstringA short description of the error type.
A short description of the error type.
err_extrastringA detailed message explaining the cause of the error.
A detailed message explaining the cause of the error.
{
"reply": {
"err_code": 0,
"err_msg": "example",
"err_extra": "example"
}
}Internal Server Error