Update an AppSec Data Source

Cortex XSIAM Platform APIs
put /public_api/appsec/v1/data_source_instances/{id}

Update the configuration of an existing data source instance.

Required license:

Cortex XSIAM Premium. In Cortex XSIAM Enterprise and Cortex NG SIEM, requires the Cortex Cloud Posture Management add-on. Not supported in XSIAM Enterprise Plus.

Path parameters
id String required

Unique ID of the data source instance to update. You can retrieve this value from the id field in the response of Get all Data Sources or Create Appsec Data Sources endpoint.
Example: id_example
Request headers
Authorization String required

{api_key}
Example: your_api_key_here
x-xdr-auth-id String required

{api_key_id}
Example: 1
CLIENT REQUEST
curl -X 'PUT'
-H 'Accept: application/json'
-H 'Content-Type: application/json'
-H 'Authorization: your_api_key_here' -H 'x-xdr-auth-id: 1'
'https://api-yourfqdn/public_api/appsec/v1/data_source_instances/{id}'
-d '{ "externalProjects" : [ { "externalBranchName" : "externalBranchName", "repoId" : "repoId", "externalProjectId" : "externalProjectId", "branchName" : "branchName", "externalId" : "externalId" }, { "externalBranchName" : "externalBranchName", "repoId" : "repoId", "externalProjectId" : "externalProjectId", "branchName" : "branchName", "externalId" : "externalId" } ], "state" : [ "state", "state" ], "uniqueProperties" : "{}" }'
import http.client conn = http.client.HTTPSConnection("api-yourfqdn") payload = "{\"selectionType\":\"CURRENT_STATE\",\"state\":[\"string\"],\"externalProjects\":[{\"branchName\":\"string\",\"externalBranchName\":\"string\",\"externalId\":\"string\",\"externalProjectId\":\"string\",\"repoId\":\"string\"}],\"uniqueProperties\":{}}" headers = { 'Authorization': "your_api_key_here", 'x-xdr-auth-id': "1", 'content-type': "application/json" } conn.request("PUT", "/public_api/appsec/v1/data_source_instances/%7Bid%7D", payload, headers) res = conn.getresponse() data = res.read() print(data.decode("utf-8"))
require 'uri' require 'net/http' require 'openssl' url = URI("https://api-yourfqdn/public_api/appsec/v1/data_source_instances/%7Bid%7D") http = Net::HTTP.new(url.host, url.port) http.use_ssl = true http.verify_mode = OpenSSL::SSL::VERIFY_NONE request = Net::HTTP::Put.new(url) request["Authorization"] = 'your_api_key_here' request["x-xdr-auth-id"] = '1' request["content-type"] = 'application/json' request.body = "{\"selectionType\":\"CURRENT_STATE\",\"state\":[\"string\"],\"externalProjects\":[{\"branchName\":\"string\",\"externalBranchName\":\"string\",\"externalId\":\"string\",\"externalProjectId\":\"string\",\"repoId\":\"string\"}],\"uniqueProperties\":{}}" response = http.request(request) puts response.read_body
const data = JSON.stringify({ "selectionType": "CURRENT_STATE", "state": [ "string" ], "externalProjects": [ { "branchName": "string", "externalBranchName": "string", "externalId": "string", "externalProjectId": "string", "repoId": "string" } ], "uniqueProperties": {} }); const xhr = new XMLHttpRequest(); xhr.withCredentials = true; xhr.addEventListener("readystatechange", function () { if (this.readyState === this.DONE) { console.log(this.responseText); } }); xhr.open("PUT", "https://api-yourfqdn/public_api/appsec/v1/data_source_instances/%7Bid%7D"); xhr.setRequestHeader("Authorization", "your_api_key_here"); xhr.setRequestHeader("x-xdr-auth-id", "1"); xhr.setRequestHeader("content-type", "application/json"); xhr.send(data);
HttpResponse<String> response = Unirest.put("https://api-yourfqdn/public_api/appsec/v1/data_source_instances/%7Bid%7D") .header("Authorization", "your_api_key_here") .header("x-xdr-auth-id", "1") .header("content-type", "application/json") .body("{\"selectionType\":\"CURRENT_STATE\",\"state\":[\"string\"],\"externalProjects\":[{\"branchName\":\"string\",\"externalBranchName\":\"string\",\"externalId\":\"string\",\"externalProjectId\":\"string\",\"repoId\":\"string\"}],\"uniqueProperties\":{}}") .asString();
import Foundation let headers = [ "Authorization": "your_api_key_here", "x-xdr-auth-id": "1", "content-type": "application/json" ] let parameters = [ "selectionType": "CURRENT_STATE", "state": ["string"], "externalProjects": [ [ "branchName": "string", "externalBranchName": "string", "externalId": "string", "externalProjectId": "string", "repoId": "string" ] ], "uniqueProperties": [] ] as [String : Any] let postData = JSONSerialization.data(withJSONObject: parameters, options: []) let request = NSMutableURLRequest(url: NSURL(string: "https://api-yourfqdn/public_api/appsec/v1/data_source_instances/%7Bid%7D")! as URL, cachePolicy: .useProtocolCachePolicy, timeoutInterval: 10.0) request.httpMethod = "PUT" request.allHTTPHeaderFields = headers request.httpBody = postData as Data let session = URLSession.shared let dataTask = session.dataTask(with: request as URLRequest, completionHandler: { (data, response, error) -> Void in if (error != nil) { print(error) } else { let httpResponse = response as? HTTPURLResponse print(httpResponse) } }) dataTask.resume()
<?php $curl = curl_init(); curl_setopt_array($curl, [ CURLOPT_URL => "https://api-yourfqdn/public_api/appsec/v1/data_source_instances/%7Bid%7D", CURLOPT_RETURNTRANSFER => true, CURLOPT_ENCODING => "", CURLOPT_MAXREDIRS => 10, CURLOPT_TIMEOUT => 30, CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1, CURLOPT_CUSTOMREQUEST => "PUT", CURLOPT_POSTFIELDS => "{\"selectionType\":\"CURRENT_STATE\",\"state\":[\"string\"],\"externalProjects\":[{\"branchName\":\"string\",\"externalBranchName\":\"string\",\"externalId\":\"string\",\"externalProjectId\":\"string\",\"repoId\":\"string\"}],\"uniqueProperties\":{}}", CURLOPT_HTTPHEADER => [ "Authorization: your_api_key_here", "content-type: application/json", "x-xdr-auth-id: 1" ], ]); $response = curl_exec($curl); $err = curl_error($curl); curl_close($curl); if ($err) { echo "cURL Error #:" . $err; } else { echo $response; }
CURL *hnd = curl_easy_init(); curl_easy_setopt(hnd, CURLOPT_CUSTOMREQUEST, "PUT"); curl_easy_setopt(hnd, CURLOPT_URL, "https://api-yourfqdn/public_api/appsec/v1/data_source_instances/%7Bid%7D"); struct curl_slist *headers = NULL; headers = curl_slist_append(headers, "Authorization: your_api_key_here"); headers = curl_slist_append(headers, "x-xdr-auth-id: 1"); headers = curl_slist_append(headers, "content-type: application/json"); curl_easy_setopt(hnd, CURLOPT_HTTPHEADER, headers); curl_easy_setopt(hnd, CURLOPT_POSTFIELDS, "{\"selectionType\":\"CURRENT_STATE\",\"state\":[\"string\"],\"externalProjects\":[{\"branchName\":\"string\",\"externalBranchName\":\"string\",\"externalId\":\"string\",\"externalProjectId\":\"string\",\"repoId\":\"string\"}],\"uniqueProperties\":{}}"); CURLcode ret = curl_easy_perform(hnd);
var client = new RestClient("https://api-yourfqdn/public_api/appsec/v1/data_source_instances/%7Bid%7D"); var request = new RestRequest(Method.PUT); request.AddHeader("Authorization", "your_api_key_here"); request.AddHeader("x-xdr-auth-id", "1"); request.AddHeader("content-type", "application/json"); request.AddParameter("application/json", "{\"selectionType\":\"CURRENT_STATE\",\"state\":[\"string\"],\"externalProjects\":[{\"branchName\":\"string\",\"externalBranchName\":\"string\",\"externalId\":\"string\",\"externalProjectId\":\"string\",\"repoId\":\"string\"}],\"uniqueProperties\":{}}", ParameterType.RequestBody); IRestResponse response = client.Execute(request);
Body parameters
required
application/json

Define the integration details

selectionTypestring (Enum)

Defines how repositories are selected for scanning within a data source instance.

Allowed values:"CURRENT_STATE""CURRENT_STATE_AND_FUTURE""CURRENT_STATE_PENDING""MANUAL_SELECTION"
statearray[string]

To update the integration for specific repositories, specify them here in the following format:

"state":"["org1"/"repo_name1", "org2"/"repo_name2"]

externalProjectsarray
[
branchNamestringrequired

Name of the branch

externalBranchNamestringrequired

Name of the external branch

externalIdstringrequired

External ID

externalProjectIdstringrequired

External project ID

repoIdstringrequired

Repository ID

]
uniquePropertiesobject

A flexible key-value map for specifying additional properties. Keys are strings and values can be of any type.

REQUEST
{ "selectionType": "CURRENT_STATE", "state": [ "string" ], "externalProjects": [ { "branchName": "string", "externalBranchName": "string", "externalId": "string", "externalProjectId": "string", "repoId": "string" } ], "uniqueProperties": {} }
{ "uniqueProperties": { "name": "my-collector-updated" } }
Responses

Ok

Body
application/json

Integration details

creationDatestringrequired

Date and time when the data source instance was created.

domainobject

Domain configuration specifying the hostname and protocol for the data source instance

hostnamestringrequired

Hostname or domain name of the external data source.

protocolstring (Enum)required

Communication protocol used to connect to the data source.

Allowed values:"http""https"
idstringrequired

Unique identifier (ID) of the data source instance.

instanceVersionstring

Version of the data source instance configuration.

lastUpdateDatestringrequired

Date and time when the data source instance was last updated.

scanTypesobject
Additional propertiesobject

Configuration for a specific scan type within a data source instance.

isEnabledbooleanrequired

Indicates whether this scan type is enabled for the data source instance.

selectionTypestring (Enum)

Defines how repositories are selected for scanning within a data source instance.

Allowed values:"CURRENT_STATE""CURRENT_STATE_AND_FUTURE""CURRENT_STATE_PENDING""MANUAL_SELECTION"
selfSignedCertificatestring

PEM-encoded self-signed certificate used for secure communication with the data source.

statearray[string]

Integration state

statusDetailsobject
Additional propertiesobject

Detailed status information for a specific component of the data source instance.

errorstring

Error code or identifier if the component is in an error state.

messagestring

Human-readable message providing additional context about the status.

statusstring (Enum)required
Allowed values:"INVALID""VALID"
timestampstring

ISO 8601 timestamp indicating when the status was last evaluated.

tenantIdstring

Tenant ID that owns this data source instance.

transporterobject

Transporter configuration for establishing secure communication between an on-premises or private data source and Cortex.

brokerDeviceIdstringrequired

Unique identifier of the broker device used for the transporter connection.

connectionNamestringrequired

Name of the transporter connection.

typestring (Enum)required

Type of the data source instance, indicating the external system it connects to.

Allowed values:"COLLECTOR"
typeCategorystring (Enum)

Category classification of the data source instance type.

  • DEFAULT — Standard data source instances such as VCS, CI/CD, and CLI integrations.
  • EXTERNAL_VENDOR_INTEGRATIONS — Third-party external vendor integrations.
Allowed values:"DEFAULT""EXTERNAL_VENDOR_INTEGRATIONS"
uniqueIdentifierstring

Unique identifier of the integration

RESPONSE
{ "creationDate": "2025-09-12T08:20:00.000Z", "id": "d4e5f6a7b8c9d0e1f2a3b4c5", "instanceVersion": "1.0.0", "lastUpdateDate": "2025-10-05T16:30:00.000Z", "selectionType": "MANUAL_SELECTION", "state": [ "example-org/repo-alpha", "example-org/repo-beta" ], "status": "CONNECTED", "type": "COLLECTOR", "typeCategory": "DEFAULT", "uniqueIdentifier": "my-collector-updated", "detectionMethod": "SAST", "fileType": "SARIF", "apiUrl": "https://api-yourfqdn/public_api/appsec/v1/collectors/d4e5f6a7b8c9d0e1f2a3b4c5" }
{ "creationDate": "2025-04-02T08:20:58.381Z", "id": "d4e5f6a7b8c9d0e1f2a3b4c5", "status": "CONNECTED", "type": "COLLECTOR", "uniqueIdentifier": "my-collector-updated", "lastUpdateDate": "2025-04-02T08:21:47.023Z", "detectionMethod": "SAST", "fileType": "SARIF", "apiUrl": "https://api-yourfqdn/public_api/appsec/v1/collectors/d4e5f6a7b8c9d0e1f2a3b4c5" }

Internal Server Error

Body
application/json
errorCodestring

Error code identifying the type of error.

messagestring

Human-readable message describing the error.

RESPONSE
{ "errorCode": "_InternalServerError", "message": "Failed to update data source instance" }