Retrieves a list of all application assets using pagination.
Required license:
Cortex XSIAM Premium. In Cortex XSIAM Enterprise and Cortex NG SIEM, requires the Cortex Cloud Posture Management add-on. Not supported in XSIAM Enterprise Plus.
Authorization
String
required
{api_key}
{api_key}
UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP
x-xdr-auth-id
String
required
{api_key_id}
{api_key_id}
241
page
Double
Page number of the results to retrieve for pagination.
double
Page number of the results to retrieve for pagination.
1.2
pageSize
Double
Number of records returned per page.
double
Number of records returned per page.
1.2
curl -X 'GET'
-H
'Accept: application/json'
-H
'Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
-H
'x-xdr-auth-id: 241'
'https://api-yourfqdn/public_api/appsec/v1/application?page=1.2&pageSize=1.2'
import http.client
conn = http.client.HTTPSConnection("api-yourfqdn")
headers = {
'Authorization': "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
'x-xdr-auth-id': "241"
}
conn.request("GET", "/public_api/appsec/v1/application?page=SOME_NUMBER_VALUE&pageSize=SOME_NUMBER_VALUE", headers=headers)
res = conn.getresponse()
data = res.read()
print(data.decode("utf-8"))require 'uri'
require 'net/http'
require 'openssl'
url = URI("https://api-yourfqdn/public_api/appsec/v1/application?page=SOME_NUMBER_VALUE&pageSize=SOME_NUMBER_VALUE")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP '
request["x-xdr-auth-id"] = '241'
response = http.request(request)
puts response.read_bodyconst data = null;
const xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});
xhr.open("GET", "https://api-yourfqdn/public_api/appsec/v1/application?page=SOME_NUMBER_VALUE&pageSize=SOME_NUMBER_VALUE");
xhr.setRequestHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
xhr.setRequestHeader("x-xdr-auth-id", "241");
xhr.send(data);HttpResponse<String> response = Unirest.get("https://api-yourfqdn/public_api/appsec/v1/application?page=SOME_NUMBER_VALUE&pageSize=SOME_NUMBER_VALUE")
.header("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ")
.header("x-xdr-auth-id", "241")
.asString();import Foundation
let headers = [
"Authorization": "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"x-xdr-auth-id": "241"
]
let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/appsec/v1/application?page=SOME_NUMBER_VALUE&pageSize=SOME_NUMBER_VALUE")! as URL,
cachePolicy: .useProtocolCachePolicy,
timeoutInterval: 10.0)
request.httpMethod = "GET"
request.allHTTPHeaderFields = headers
let session = URLSession.shared
let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in
if (error != nil) {
print(error)
} else {
let httpResponse = response as? HTTPURLResponse
print(httpResponse)
}
})
dataTask.resume()<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api-yourfqdn/public_api/appsec/v1/application?page=SOME_NUMBER_VALUE&pageSize=SOME_NUMBER_VALUE",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ",
"x-xdr-auth-id: 241"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}CURL *hnd = curl_easy_init();
curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "GET");
curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/appsec/v1/application?page=SOME_NUMBER_VALUE&pageSize=SOME_NUMBER_VALUE");
struct curl_slist *headers = NULL;
headers = curl_slist_append(headers, "Authorization: UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
headers = curl_slist_append(headers, "x-xdr-auth-id: 241");
curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers);
CURLcode ret = curl_easy_perform(hnd);var client = new RestClient("https://api-yourfqdn/public_api/appsec/v1/application?page=SOME_NUMBER_VALUE&pageSize=SOME_NUMBER_VALUE");
var request = new RestRequest(Method.GET);
request.AddHeader("Authorization", "UCoWpG4rkNzgCp2dsh8m02iVpZsskwKHz7N1tErPcUV3Wmf59Gc9kytmgOv0pDWoem3PBlORyRIPiir4OcYdWUOWAM3JyTgoCxQf4nQoTlKmFRKz9Bj5vIjluw66p9WP ");
request.AddHeader("x-xdr-auth-id", "241");
IRestResponse response = client.Execute(request);Ok
dataarrayrequired
criteriaIdstringA unique identifier of the criteria.
A unique identifier of the criteria.
criteriaNamestringName of the criteria.
Name of the criteria.
risknumberdoubleCalculated risk score associated with the criteria or asset.
Calculated risk score associated with the criteria or asset.
idstringUnique identifier of the resource.
Unique identifier of the resource.
strongIdstringGlobally unique, immutable identifier for the resource.
Globally unique, immutable identifier for the resource.
namestringName of the application asset.
Name of the application asset.
descriptionstringDescription providing additional details about the asset.
Description providing additional details about the asset.
exposuresarray[string]
coveragenumberdoubleRepresents the level of coverage applied to the asset.
Represents the level of coverage applied to the asset.
businessCriticalitystring (Enum)The operational importance of the asset.
The operational importance of the asset.
businessUnitstringBusiness unit responsible for the asset.
Business unit responsible for the asset.
creationTypestring (Enum)requiredDefines how the application asset is created.
Defines how the application asset is created.
businessOwnerarray[string]Business owners responsible for the asset.
Business owners responsible for the asset.
devOwnerarray[string]Development owners responsible for building and maintaining the asset.
Development owners responsible for building and maintaining the asset.
devOpsOwnerarray[string]DevOps owners responsible for deployment and operations.
DevOps owners responsible for deployment and operations.
productManagerarray[string]Product managers responsible for the asset.
Product managers responsible for the asset.
dataGovernancestring (Enum)Type of data governance applied to the asset.
Type of data governance applied to the asset.
compliancestring (Enum)The compliance status or requirement category for an asset.
The compliance status or requirement category for an asset.
environmentsstringEnvironment in which the asset is deployed (for example, development, staging, or production).
Environment in which the asset is deployed (for example, development, staging, or production).
assetsCountnumberdoubleTotal number of assets included in the response.
Total number of assets included in the response.
configobjectConfiguration settings associated with the application.
Configuration settings associated with the application.
lastRefreshDatestringdate-timeDate and time when the application data was last refreshed.
Date and time when the application data was last refreshed.
assetSelectionobjectDefine the logic for how specific technical assets must be linked to this application.
Define the logic for how specific technical assets must be linked to this application.
selectionTypestring (Enum)requiredMethod to select application assets.
Method to select application assets.
sectionstring (Enum)requiredIdentifies the functional section to which the asset selection applies.
Identifies the functional section to which the asset selection applies.
filterobjectDefines filter criteria to dynamically select application assets. This field supports one of the supported application asset selection filter types.
Defines filter criteria to dynamically select application assets. This field supports one of the supported application asset selection filter types.
valuesarray[string]requiredIf the filterType is REPOSITORY, enter the repository ID as the value.
If the filterType is ORGANIZATION, enter the organization URL of the provider.
If the filterType is REPOSITORY, enter the repository ID as the value.
If the filterType is ORGANIZATION, enter the organization URL of the provider.
providerobject
string (Enum)Build system or CI provider used for the asset. Allowed values: CIRCLE_CI JENKINS GITLAB_CI AZURE_PIPELINES GITHUB_ACTIONS
Build system or CI provider used for the asset. Allowed values: CIRCLE_CI JENKINS GITLAB_CI AZURE_PIPELINES GITHUB_ACTIONS
string (Enum)Source code management (SCM) or code hosting provider.
Allowed values: GITLAB, GITHUB, BITBUCKET, AZURE_REPOS, AWS_CODE_COMMIT
Source code management (SCM) or code hosting provider.
Allowed values: GITLAB, GITHUB, BITBUCKET, AZURE_REPOS, AWS_CODE_COMMIT
string (Enum)Runtime or execution environment provider for the application or asset. Allowed Values: GCP, AWS, AZURE
Runtime or execution environment provider for the application or asset. Allowed Values: GCP, AWS, AZURE
string (Enum)Deployment platform or system used to deploy the application or asset. Allowed values: ACR ECR GAR JFrog Docker
Deployment platform or system used to deploy the application or asset. Allowed values: ACR ECR GAR JFrog Docker
filterTypeobjectrequiredThe asset attribute used to filter assets from the selected provider.
The asset attribute used to filter assets from the selected provider.
string (Enum)Specifies the available values for the code type filter.
Specifies the available values for the code type filter.
string (Enum)Specifies the available values for the run type filter.
Specifies the available values for the run type filter.
valuesobjectrequiredContainer for filter values used to match application assets.
Container for filter values used to match application assets.
orgUrlstringOrganization URL used to filter assets belonging to a specific organization.
Organization URL used to filter assets belonging to a specific organization.
repositoryIdstringUnique identifier of the repository used to filter assets.
Unique identifier of the repository used to filter assets.
projectUrlstringProject URL used to filter assets belonging to a specific project.
Project URL used to filter assets belonging to a specific project.
orgUnifyFilterobjectDefines unification rules applied at the organization level.
Defines unification rules applied at the organization level.
providersobjectrequired
string (Enum)Build system or CI provider used for the asset. Allowed values: CIRCLE_CI JENKINS GITLAB_CI AZURE_PIPELINES GITHUB_ACTIONS
Build system or CI provider used for the asset. Allowed values: CIRCLE_CI JENKINS GITLAB_CI AZURE_PIPELINES GITHUB_ACTIONS
string (Enum)Source code management (SCM) or code hosting provider.
Allowed values: GITLAB, GITHUB, BITBUCKET, AZURE_REPOS, AWS_CODE_COMMIT
Source code management (SCM) or code hosting provider.
Allowed values: GITLAB, GITHUB, BITBUCKET, AZURE_REPOS, AWS_CODE_COMMIT
string (Enum)Runtime or execution environment provider for the application or asset. Allowed Values: GCP, AWS, AZURE
Runtime or execution environment provider for the application or asset. Allowed Values: GCP, AWS, AZURE
string (Enum)Deployment platform or system used to deploy the application or asset. Allowed values: ACR ECR GAR JFrog Docker
Deployment platform or system used to deploy the application or asset. Allowed values: ACR ECR GAR JFrog Docker
namestringrequiredName of the organization used for asset unification.
Name of the organization used for asset unification.
projectUnifyFilterobjectDefines unification rules applied at the project level.
Defines unification rules applied at the project level.
providersobjectrequired
string (Enum)Build system or CI provider used for the asset. Allowed values: CIRCLE_CI JENKINS GITLAB_CI AZURE_PIPELINES GITHUB_ACTIONS
Build system or CI provider used for the asset. Allowed values: CIRCLE_CI JENKINS GITLAB_CI AZURE_PIPELINES GITHUB_ACTIONS
string (Enum)Source code management (SCM) or code hosting provider.
Allowed values: GITLAB, GITHUB, BITBUCKET, AZURE_REPOS, AWS_CODE_COMMIT
Source code management (SCM) or code hosting provider.
Allowed values: GITLAB, GITHUB, BITBUCKET, AZURE_REPOS, AWS_CODE_COMMIT
string (Enum)Runtime or execution environment provider for the application or asset. Allowed Values: GCP, AWS, AZURE
Runtime or execution environment provider for the application or asset. Allowed Values: GCP, AWS, AZURE
string (Enum)Deployment platform or system used to deploy the application or asset. Allowed values: ACR ECR GAR JFrog Docker
Deployment platform or system used to deploy the application or asset. Allowed values: ACR ECR GAR JFrog Docker
namestringrequiredName of the project used for asset unification.
Name of the project used for asset unification.
repositoryUnifyFilterobjectDefines unification rules applied at the repository level.
Defines unification rules applied at the repository level.
providersobjectrequired
string (Enum)Build system or CI provider used for the asset. Allowed values: CIRCLE_CI JENKINS GITLAB_CI AZURE_PIPELINES GITHUB_ACTIONS
Build system or CI provider used for the asset. Allowed values: CIRCLE_CI JENKINS GITLAB_CI AZURE_PIPELINES GITHUB_ACTIONS
string (Enum)Source code management (SCM) or code hosting provider.
Allowed values: GITLAB, GITHUB, BITBUCKET, AZURE_REPOS, AWS_CODE_COMMIT
Source code management (SCM) or code hosting provider.
Allowed values: GITLAB, GITHUB, BITBUCKET, AZURE_REPOS, AWS_CODE_COMMIT
string (Enum)Runtime or execution environment provider for the application or asset. Allowed Values: GCP, AWS, AZURE
Runtime or execution environment provider for the application or asset. Allowed Values: GCP, AWS, AZURE
string (Enum)Deployment platform or system used to deploy the application or asset. Allowed values: ACR ECR GAR JFrog Docker
Deployment platform or system used to deploy the application or asset. Allowed values: ACR ECR GAR JFrog Docker
namestringrequiredName of the repository used for asset unification.
Name of the repository used for asset unification.
filterTypeobjectThe asset attribute used to filter assets from the selected provider.
The asset attribute used to filter assets from the selected provider.
string (Enum)Specifies the available values for the code type filter.
Specifies the available values for the code type filter.
string (Enum)Specifies the available values for the run type filter.
Specifies the available values for the run type filter.
stringDefines filter criteria to dynamically select application assets. This field supports one of the supported application asset selection filter types.
Defines filter criteria to dynamically select application assets. This field supports one of the supported application asset selection filter types.
assetIdsarray[string]A list of unique identifiers representing the assets to be included.
A list of unique identifiers representing the assets to be included.
updatedAtstringdate-timeDate and time when the configuration was last updated.
Date and time when the configuration was last updated.
deletedAtstringdate-timeDate and time when the configuration was deleted.
Date and time when the configuration was deleted.
enrichStatusstring (Enum)Indicates whether asset enrichment is currently in progress.
Indicates whether asset enrichment is currently in progress.
unifyAcrossProvidersbooleanIf multiple applications share the same name at the chosen group-by level (org, project, or repository), they are merged across providers to form a single unified application.
If multiple applications share the same name at the chosen group-by level (org, project, or repository), they are merged across providers to form a single unified application.
unifyWithinProviderbooleanRepositories with the same name at the selected group-by level (org, project, or repository) are consolidated into a single application within the selected provider.
Repositories with the same name at the selected group-by level (org, project, or repository) are consolidated into a single application within the selected provider.
hasNextbooleanrequiredIndicates whether additional results are available beyond the current page.
Indicates whether additional results are available beyond the current page.
{
"data": [
{
"criteriaId": "example",
"criteriaName": "example",
"risk": 0.1,
"id": "example",
"strongId": "example",
"name": "example",
"description": "example",
"exposures": [
"DeployedToProduction"
],
"coverage": 0.1,
"businessCriticality": "Critical",
"businessUnit": "example",
"creationType": "Auto",
"businessOwner": [
"example"
],
"devOwner": [
"example"
],
"devOpsOwner": [
"example"
],
"productManager": [
"example"
],
"dataGovernance": "PII",
"compliance": "PCI-DSS",
"environments": "example",
"assetsCount": 0.1,
"config": {
"lastRefreshDate": "2020-01-01T12:00:00Z",
"assetSelection": {
"selectionType": "filter",
"section": "code",
"filter": "example",
"assetIds": [
"example"
]
}
},
"updatedAt": "2020-01-01T12:00:00Z",
"deletedAt": "2020-01-01T12:00:00Z",
"enrichStatus": "IN_PROGRESS",
"unifyAcrossProviders": false,
"unifyWithinProvider": false
}
],
"hasNext": false
}