getApiSecurityItems

Retrieves a list of discovered API endpoints with their security information.

Examples

query GetApiSecurityItems($getApiSecurityInput: GetApiSecurityInput) {
  getApiSecurityItems(getApiSecurityInput: $getApiSecurityInput) {
    apiSecurityItems {
      id
      scanId
      title
      description
      version
      methodDescription
      methodOperationId
      methodSummary
      openapi
      servers
      epName
      methodName
      methodResponses {
        description
        code
      }
      methodTags
      methodParameters {
        description
        in
        name
        required
      }
      appId
      appType
      appName
      fileName
      definitions {
        source
        fileName
        link
        llmTitle
        llmDescription
        functions {
          function
          line
          snippet
          filepath
          link
        }
      }
      framework
      language
      firstSeen
      uuid
      issuesBySeverity {
        info
        low
        medium
        high
        critical
        appox
      }
      codeLocations {
        link
        callBranch
      }
      commits {
        commitInfo {
          authorName
          authorEmail
          committerName
          committerEmail
          commitId
          message
          authorDate
          commitDate
        }
        match
        snippet
        snippetLineNumber
        startLineNumber
        fileName
        link
      }
    }
    total
    totalFiltered
  }
}

Variables

This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.

{
  "getApiSecurityInput": {
    "scanId": "c9da693d-8906-4a32-93c9-2ffdb1cebb99",
    "offset": 0,
    "limit": 100,
    "owners": ["example"],
    "tagIds": ["example"],
    "search": "/api/v2/",
    "filters": {
      "apps": ["repo-name"],
      "titles": ["Kubernetes"],
      "endpoints": ["/api/v1/some/endpoint"],
      "methods": ["GET"],
      "framework": ["OpenAPI"],
      "languages": ["OpenAPI"],
      "issueIds": ["30966426-oxPolicy_securityCloudScan_100-example"],
      "apiId": ["ceb76dd8-7c11-448c-9056-17c5b5bfa361"],
      "source": ["OpenAPI"],
      "severities": ["2"],
      "reachability": ["Code"]
    },
    "filterSearch": [
      {
        "fieldName": "example",
        "value": ["example"]
      }
    ],
    "openItems": ["digest"],
    "orderBy": {
      "field": "title",
      "direction": "ASC"
    }
  }
}

Arguments

You can use the following argument(s) to customize your getApiSecurityItems query.

Argument: getApiSecurityInput GetApiSecurityInput

Description: Parameters for filtering and paginating the API security items.

Supported fields:

scanId String
offset Int
limit Int
owners [String]
tagIds [String]
search String
filters ApiSecFilters
filterSearch [AutoCompleteSearch]
openItems [FilterTypes]
orderBy ApiSecurityOrderBy

Fields

Return type: ApiSecurityItemsResponse

You can use the following field(s) to specify what information your getApiSecurityItems query will return. Please note that some fields may have their own subfields.

Field: apiSecurityItems [ApiSecurityItem]

Description: List of API security items found in the scan

Supported fields:

id String
scanId String
title String
description String
version String
methodDescription String
methodOperationId String
methodSummary String
openapi String
servers [String]
epName String
methodName String
methodResponses [MethodResponse]
methodTags [String]
methodParameters [MethodParameter]
appId String
appType String
appName String
fileName [String]
definitions [APIDefinitions]
framework String
language String
firstSeen Date
uuid String
issuesBySeverity Severities
codeLocations [CodeLocation]
commits [ApiInventoryCommit]

Field: total Int

Description: Total number of API security items available

Field: totalFiltered Int

Description: Total number of API security items after applying filters
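
An added example, not part of the original reference or the vendor's own code: paging through getApiSecurityItems with offset and limit until totalFiltered items are collected, then ranking the endpoints by issue counts. It assumes offset counts items rather than pages and that issuesBySeverity values are integer counts; `post`, `fetch_all`, `worst_first`, `fake_post` and the sample inventory are hypothetical names and constructed values, and the real endpoint URL and authentication belong in the caller's transport.

```python
import json

# Trimmed selection set using only fields documented on this page.
QUERY = """query GetApiSecurityItems($getApiSecurityInput: GetApiSecurityInput) {
  getApiSecurityItems(getApiSecurityInput: $getApiSecurityInput) {
    apiSecurityItems { id epName issuesBySeverity { medium high critical } }
    total
    totalFiltered
  }
}"""

def fetch_all(post, scan_id, filters=None, limit=100):
    """Collect every filtered item. `post` is a caller-supplied (hypothetical)
    transport: GraphQL request body dict in, decoded JSON response dict out."""
    items, offset = [], 0
    while True:
        args = {"scanId": scan_id, "offset": offset, "limit": limit}
        if filters:
            args["filters"] = filters
        resp = post({"query": QUERY, "variables": {"getApiSecurityInput": args}})
        if resp.get("errors"):  # GraphQL can report errors inside a 200 response body
            raise RuntimeError(json.dumps(resp["errors"]))
        page = resp["data"]["getApiSecurityItems"]
        batch = page["apiSecurityItems"] or []
        items.extend(batch)
        offset += len(batch)  # assumption: offset counts items, not pages
        # An empty page also ends the loop, so a shrinking result set cannot spin forever.
        if not batch or offset >= page["totalFiltered"]:
            return items

def worst_first(items):
    """Rank by critical, then high, then medium counts (assumed to be integers)."""
    def key(item):
        sev = item.get("issuesBySeverity") or {}
        return tuple(-(sev.get(k) or 0) for k in ("critical", "high", "medium"))
    return sorted(items, key=key)

# Constructed sample inventory and an in-memory stand-in for the HTTP transport.
SAMPLE = [
    {"id": "a", "epName": "/api/v1/users", "issuesBySeverity": {"medium": 2, "high": 0, "critical": 0}},
    {"id": "b", "epName": "/api/v1/login", "issuesBySeverity": {"medium": 0, "high": 1, "critical": 1}},
    {"id": "c", "epName": "/api/v1/health", "issuesBySeverity": None},
]

def fake_post(body):
    args = body["variables"]["getApiSecurityInput"]
    window = SAMPLE[args["offset"]:args["offset"] + args["limit"]]
    return {"data": {"getApiSecurityItems": {
        "apiSecurityItems": window, "total": len(SAMPLE), "totalFiltered": len(SAMPLE)}}}
```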
