# getIssues
Retrieves all security issues detected during a scan. In addition to listing the identified issues, it provides detailed information about each one, in order to assess and address security risks effectively.
With this API you can:
* Retrieve a comprehensive list of security issues.
* Access in-depth details for each issue, including severity, affected components, remediation steps, and more.
* Sort and filter issues based on custom criteria to prioritize and manage security risks efficiently.
### Examples
{% tabs %}
{% tab title="GraphQL" %}
```graphql
query GetIssues($getIssuesInput: IssuesInput) {
getIssues(getIssuesInput: $getIssuesInput) {
issues {
importantSeverityBreakdown
overrideSeverityReason
highestOXCVESeverity
latestCommit {
originalSeverity
oxSeverity
callBranch
linkToExternalProduct
stars
forks
downloads
vulBySeverity
nameAndVer
sourceRepoName
sourceRepoLink
sourceCreationDate
sourceLastModifyDate
destinationRepoName
destinationRepoLink
destinationCreationDate
destinationLastModifyDate
destinationRepoVisibility
reasons
_id
url
additionalToolData
events
allEvents
pushType
sha
title
link
mergedBy
date
fileCount
diffInDays
reviewers
user
userLink
userAvatar
devOperation
devOperationDate
adminOperation
adminOperationDate
reviewOperation
reviewOperationDate
orgRole
earliestActivityDate
repoPermissions
adminLocation
email
pullRequestsCount
diffFromNowToCreatedAtInDays
username
accessLevel
createdAt
lastAccess
fileName
fileUri
startLine
endLine
match
snippet
commitLink
commitBy
changeAuthorName
mergeDate
dateCommitPushed
pullRequestNumber
pullRequestLink
codeOwners
region
eduVideoLink
resource
service
accountName
cloudEnv
secret
secretType
secretTypeDescription
secretStatus
image
imageCreatedAt
pkgCount
dockerVer
os
binariesCount
tag
reputation
sha256
size
pushedAt
source
sourceLink
ruleId
realMatch
excludedByAlert
filePath
lockfile
accountId
snippetLineNumber
language
daysOpen
isFixAvailable
aggId
pkgName
installedVersion
fixedVersion
triggerPkgName
triggerPkgVersion
triggerPkgUpgradeVersion
dependencyType
branch
hashAggId
repo
repoCreator
lastCodeDate
lastAdminOperation
exclusionId
numberOfReposDomainAppear
layer
baseImage
imageLink
registryName
project
resourceGroup
cloudResourceTags
location
locationLink
parameter
test
cvss
evidence
request
response
dastUrl
method
parameterType
value
cluster
type
cloudType
k8sType
consoleLink
name
subscriptionId
stringifiedClusters
aggStatus
falsePositive {
isFalsePositive
comment
reportedBy
reportedAt
isCanceled
cancelComment
canceledBy
canceledAt
commentWhenCanceled
}
cbomId
prDeatils {
sourceControlType
issueId
appId
repo
prId
prURL
prBranchName
commitMessage
commiter
comment
date
prTitle
prBody
prStatus
prApprover
prReviewer
prMergeTime
}
triage {
triageStatus
createdBy
createdAt
}
runtimeStatus
eventCount
pod
parentProcess
process
processPath
command
connection
eventArgs
eventFlags
}
additionalTabs {
type
aggItems {
originalSeverity
oxSeverity
callBranch
linkToExternalProduct
stars
forks
downloads
vulBySeverity
nameAndVer
sourceRepoName
sourceRepoLink
sourceCreationDate
sourceLastModifyDate
destinationRepoName
destinationRepoLink
destinationCreationDate
destinationLastModifyDate
destinationRepoVisibility
reasons
_id
url
additionalToolData
events
allEvents
pushType
sha
title
link
mergedBy
date
fileCount
diffInDays
reviewers
user
userLink
userAvatar
devOperation
devOperationDate
adminOperation
adminOperationDate
reviewOperation
reviewOperationDate
orgRole
earliestActivityDate
repoPermissions
adminLocation
email
pullRequestsCount
diffFromNowToCreatedAtInDays
username
accessLevel
createdAt
lastAccess
fileName
fileUri
startLine
endLine
match
snippet
commitLink
commitBy
changeAuthorName
mergeDate
dateCommitPushed
pullRequestNumber
pullRequestLink
codeOwners
region
eduVideoLink
resource
service
accountName
cloudEnv
secret
secretType
secretTypeDescription
secretStatus
image
imageCreatedAt
pkgCount
dockerVer
os
binariesCount
tag
reputation
sha256
size
pushedAt
source
sourceLink
ruleId
realMatch
excludedByAlert
filePath
lockfile
accountId
snippetLineNumber
language
daysOpen
isFixAvailable
aggId
pkgName
installedVersion
fixedVersion
triggerPkgName
triggerPkgVersion
triggerPkgUpgradeVersion
dependencyType
branch
hashAggId
repo
repoCreator
lastCodeDate
lastAdminOperation
exclusionId
numberOfReposDomainAppear
layer
baseImage
imageLink
registryName
project
resourceGroup
cloudResourceTags
location
locationLink
parameter
test
cvss
evidence
request
response
dastUrl
method
parameterType
value
cluster
type
cloudType
k8sType
consoleLink
name
subscriptionId
stringifiedClusters
aggStatus
falsePositive {
isFalsePositive
comment
reportedBy
reportedAt
isCanceled
cancelComment
canceledBy
canceledAt
commentWhenCanceled
}
cbomId
prDeatils {
sourceControlType
issueId
appId
repo
prId
prURL
prBranchName
commitMessage
commiter
comment
date
prTitle
prBody
prStatus
prApprover
prReviewer
prMergeTime
}
triage {
triageStatus
createdBy
createdAt
}
runtimeStatus
eventCount
pod
parentProcess
process
processPath
command
connection
eventArgs
eventFlags
}
}
issueDetailsHeaders {
id
label
featureFlag
}
compliance {
standard
standardLink
control
category
description
categoryLink
controlLink
}
sbom {
id
references {
triggerPackage
location
locationLink
dependencyType
dependencyLevel
commit {
commitedAt
committerName
committerEmail
}
fileName
}
language
libraryName
libraryVersion
license
appName
location
dependencyType
source
appId
locationLink
appLink
pkgName
copyWriteInfo
copyWriteInfoLink
libLink
vulnerabilityCounts {
appox
critical
high
medium
low
info
}
triggerPackage
vulnerabilities {
issueId
oxSeverity
severityNumberFromTool
severityFromTool
cve
cveLink
cvsVer
cvssVersion
epss
percentile
libName
dependencyChain
runtimeStatus
runtimeContext {
runtimeStatus
cloudContexts {
provider
accountId
region
clusterName
namespace
containerRuntime
}
}
libVersion
chainDepth
exploitInTheWild
exploitInTheWildLink
description
dateDiscovered
minorVerWithFix
majorVerWithFix
exploitRequirement
exploitCode
originalSeverity
}
latestVersion
latestVersionDate
stars
forks
openIssues
packageManager
purl
packageManagerLink
maintainers
contributors
downloads
sourceLink
notPopular
licenseIssue
malicious
malwareType
osVname
notMaintained
isDeprecated
notImported
notUpdated
dependencyLevel
requestId
licenseLink
artifactInSbomLibs {
image
imageLink
imageCreatedAt
sha
os
osVersion
baseImage
baseImageVersion
tag
layer
registryName
source
}
sha
maintainersList {
name
email
}
runtimeStatus
runtimeContext {
runtimeStatus
cloudContexts {
provider
accountId
region
clusterName
namespace
containerRuntime
}
}
usedVersionReleaseDate
projectDescription
firstSeenDate
}
dependencyGraph {
nodes {
id
name
width
height
vulnerable
}
allNodes {
id
name
width
height
vulnerable
}
edges {
v
w
}
allEdges {
v
w
}
}
groupId
name
mainTitle
secondTitle
scanId
sla {
daysPastSLA
status
}
issueUpdatedAt
scanDate
description
impact
exposure
severity
owners
ownerEmails
occurrences
score {
value
comments
}
orgConScore
connector
learnMore
extraInfo {
key
val
value
snippet {
detectionType
fileName
snippetLineNumber
language
text
}
link
callBranch
iconLink
tags
}
resource {
id
type
}
appName
app {
id
name
businessPriority
riskScore
secPosture
type
typeComments
applicationFlows {
artifacts {
type
name
hashType
system
subType
hash
size
date
location {
runBy
foundBy
foundIn
link
}
linkName
k8sType
cluster
region
}
cloudDeployments {
type
subType
name
hash
hashType
link
location {
runBy
foundBy
foundIn
link
}
k8sType
imageName
date
cluster
region
}
cicdInfo {
type
system
latestDate
lastMonthJobCount
location {
runBy
foundBy
foundIn
link
}
}
orchestrators {
type
name
hashType
system
hash
size
date
location {
runBy
foundBy
foundIn
link
}
}
kubernetes {
type
name
hashType
system
hash
subType
size
date
location {
runBy
foundBy
foundIn
link
}
}
repository {
type
system
date
location {
runBy
foundBy
foundIn
link
}
}
}
fakeApp
originBranchName
repoId
organization
repoName
owners {
name
email
roles
}
credentialsId
lastCodeChange
createdAt
publicVisibility
branch
}
policy {
id
name
detailedDescription
}
issueId
category {
name
categoryId
subCategoryName
subCategoryComment
}
aggregations {
type
columns {
columns {
header
key
tooltip
href
type
}
comment
}
items {
originalSeverity
oxSeverity
callBranch
linkToExternalProduct
stars
forks
downloads
vulBySeverity
nameAndVer
sourceRepoName
sourceRepoLink
sourceCreationDate
sourceLastModifyDate
destinationRepoName
destinationRepoLink
destinationCreationDate
destinationLastModifyDate
destinationRepoVisibility
reasons
_id
url
additionalToolData
events
allEvents
pushType
sha
title
link
mergedBy
date
fileCount
diffInDays
reviewers
user
userLink
userAvatar
devOperation
devOperationDate
adminOperation
adminOperationDate
reviewOperation
reviewOperationDate
orgRole
earliestActivityDate
repoPermissions
adminLocation
email
pullRequestsCount
diffFromNowToCreatedAtInDays
username
accessLevel
createdAt
lastAccess
fileName
fileUri
startLine
endLine
match
snippet
commitLink
commitBy
changeAuthorName
mergeDate
dateCommitPushed
pullRequestNumber
pullRequestLink
codeOwners
region
eduVideoLink
resource
service
accountName
cloudEnv
secret
secretType
secretTypeDescription
secretStatus
image
imageCreatedAt
pkgCount
dockerVer
os
binariesCount
tag
reputation
sha256
size
pushedAt
source
sourceLink
ruleId
realMatch
excludedByAlert
filePath
lockfile
accountId
snippetLineNumber
language
daysOpen
isFixAvailable
aggId
pkgName
installedVersion
fixedVersion
triggerPkgName
triggerPkgVersion
triggerPkgUpgradeVersion
dependencyType
branch
hashAggId
repo
repoCreator
lastCodeDate
lastAdminOperation
exclusionId
numberOfReposDomainAppear
layer
baseImage
imageLink
registryName
project
resourceGroup
cloudResourceTags
location
locationLink
parameter
test
cvss
evidence
request
response
dastUrl
method
parameterType
value
cluster
type
cloudType
k8sType
consoleLink
name
subscriptionId
stringifiedClusters
aggStatus
falsePositive {
isFalsePositive
comment
reportedBy
reportedAt
isCanceled
cancelComment
canceledBy
canceledAt
commentWhenCanceled
}
cbomId
prDeatils {
sourceControlType
issueId
appId
repo
prId
prURL
prBranchName
commitMessage
commiter
comment
date
prTitle
prBody
prStatus
prApprover
prReviewer
prMergeTime
}
triage {
triageStatus
createdBy
createdAt
}
runtimeStatus
eventCount
pod
parentProcess
process
processPath
command
connection
eventArgs
eventFlags
}
}
recommendation
multipleRecommendation {
type
steps {
title
command
postCommandExplanation
}
}
sourceTools
ruleId
fixes {
settingType
tooltip
description
warning
confirmation
inputs {
type
name
options {
name
selected
metadata
info
displayName
isDisabled
}
multiSelect
maxSelect
minSelect
displayName
}
}
fixAppliedDeatils {
appliedBy
appliedDate
}
cwe
fixLink
cweList {
name
description
url
}
dependencyChain
publicExploitLink
createdAt
tickets {
provider
ticketId
createdBy
issueId
issueName
appName
appId
category
assignee
reporter
link
project
issueType
key
}
slackNotification {
channelName
timestamp
}
messages {
messagingVendor
recipients {
name
id
type
}
createdAt
}
fixIssue {
fixType
fixTitle
fixDescription
isFixApplied
fixAppliedBy
sourceControlType
fixDate
}
requestContent
responseContent
autoFix {
fixType
fixTitle
fixDescription
isFixApplied
fixAppliedBy
sourceControlType
fixDate
}
lowerSeverityReason
severityChange
originalToolSeverity
scaVulnerabilities {
issueId
oxSeverity
severityNumberFromTool
severityFromTool
cve
cveLink
cvsVer
cvssVersion
epss
percentile
libName
dependencyChain
runtimeStatus
runtimeContext {
runtimeStatus
cloudContexts {
provider
accountId
region
clusterName
namespace
containerRuntime
}
}
libVersion
chainDepth
exploitInTheWild
exploitInTheWildLink
description
dateDiscovered
minorVerWithFix
majorVerWithFix
exploitRequirement
exploitCode
originalSeverity
}
dependencyGraphNodes {
id
name
width
height
vulnerable
}
dependencyGraphEdges {
v
w
}
scaTriggerPkg
scaTriggerPkgs {
scaTriggerPkg
fileName
}
pkgSemanticVersion
severityChangeReason
severityChangedReason {
changeNumber
withoutAutoNumbering
evidenceLabel
reason
shortName
changeCategory
extraInfo {
key
value
link
snippet {
snippetLineNumber
language
text
fileName
}
iconLink
callBranch
}
extraInfoContainer {
layerSha
layerNum
artifactName
sha
registryName
}
order
}
aggSeverityExplanation
isNew
newReason
aggSFsForCalcDisplay {
changeNumber
withoutAutoNumbering
evidenceLabel
reason
shortName
changeCategory
extraInfo {
key
value
link
snippet {
snippetLineNumber
language
text
fileName
}
iconLink
callBranch
}
extraInfoContainer {
layerSha
layerNum
artifactName
sha
registryName
}
order
}
resolvedIssueDate
isPRAvailable
cicdFields {
issueStatus
sourceBranch
targetBranch
jobId
jobTriggeredAt
jobTriggeredAtDate
jobTriggeredBy
jobTriggeredReason
jobUrl
pullRequestId
pullRequestUrl
enforcement
excludedByAlert
cicdEventType
workflows {
id
name
}
}
comment
comments {
commentId
text
authorId
authorEmail
authorName
createdAt
updatedAt
}
excludedByAlert
excludedByPolicy
excludedByApp
countRule
exclusionId
languageInfo {
name
version
}
isMonoRepoChild
monoRepoParent
isFixAvailable
isFixApplied
isGPTFixAvailable
oscarData {
name
description
url
id
}
gptInfo {
gptResponse
user
createdAt
}
prDeatils {
sourceControlType
issueId
appId
repo
prId
prURL
prBranchName
commitMessage
commiter
comment
date
prTitle
prBody
prStatus
prApprover
prReviewer
prMergeTime
}
tags {
tagId
name
email
displayName
tagType
createdBy
purpose
deploymentModel
tagCategory
}
originalSeverity
overrideSeverity
isFalsePositive
falsePositiveComment
isCanceledFalsePositive
cancelFalsePositiveComment
falsePositiveDetails {
canceledBy
reportedBy
commentWhenCanceled
aggregationsStatus
}
issueStatus
scanIssueStatus
resolvedReason
resolvedDetails
resolvedReasonDetails {
description
}
disappearedReason
disappearedDetails
disappearedReasonDetails {
description
}
disappearedDate
correlatedIssueId
correlatedRegistry
scaFixType
previousSeverity {
severity
severityChangedDate
}
version
severityFactorsDiff {
shortName
change
status
}
exposedByApiItems {
apiId
codeLocations {
link
callBranch
}
}
originBranchName
exclusionComment
exclusionExpiredAt
problematicPkg
serverlessDeploymentOperation {
userIdentity {
type
principalId
arn
accountId
accessKeyId
sessionContext {
sessionIssuer {
type
principalId
arn
accountId
userName
}
attributes {
creationDate
mfaAuthenticated
}
}
}
deploymentTime
sourceIPAddress
userAgent
connectedFromConsole
location
linkToCode
functionName
functionArn
internalFunctionName
cloudRegion
version
revisionId
codeSha256
entryPoint
codeSize
memorySize
timeout
runtime
runtimeVersionConfig {
runtimeVersionArn
}
architectures
role
recipientAccountId
description
}
eventFromExternalTool
issueOwners {
name
email
}
overrideIssueOwner
originalIssueOwners {
name
email
}
cveExclusions {
label
recommended
tooltip
type
id
oxRuleId
level
excludeBy
uidOnly
isDefault
ffKey
exclusionScope
}
}
totalIssues
totalFilteredIssues
totalResolvedIssues
offset
totalActiveIssues
selectedPosition
topOffset
cursorValue
}
}
```
**Variables**
This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
```json
{
"getIssuesInput": {
"scanID": "",
"limit": 100,
"page": 1,
"search": [
{
"fieldName": "example",
"value": ["example"]
}
],
"offset": 0,
"sort": {
"fields": ["Category"],
"order": ["ASC"]
},
"owners": ["example"],
"tagIds": ["example"],
"inventoryFilters": ["New"],
"dateRange": {
"from": 1749000000000,
"to": 1749900000000
},
"limitAggItems": 42,
"offsetAggItems": 42,
"ignoreEnvCheck": true,
"exportsOptions": {
"flattenAgg": true,
"isDemoEnabled": true,
"name": "SomeName",
"columns": [
{
"key": "Severity",
"name": "SomeName"
}
],
"rowsLimit": 42
},
"issueId": "30966426-oxPolicy_securityCloudScan_100-example",
"topOffset": 42,
"topLevelSearch": "example",
"scrollDirection": "example",
"openItems": ["digest"],
"conditionalFilters": [
{
"condition": "AND",
"fieldName": "digest",
"values": ["example"],
"greaterThan": 13.37,
"lessThan": 13.37
}
],
"cursorValue": "example"
}
}
```
{% endtab %}
{% tab title="cURL" %}
```shell
curl -X POST \
https://api.cloud.ox.security/api/apollo-gateway \
-H 'Content-Type: application/json' \
-H 'Authorization: YOUR_API_TOKEN' \
-d '{
"query": "query GetIssues($getIssuesInput: IssuesInput) { getIssues(getIssuesInput: $getIssuesInput) { issues { importantSeverityBreakdown overrideSeverityReason highestOXCVESeverity latestCommit { originalSeverity oxSeverity callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy changeAuthorName mergeDate dateCommitPushed pullRequestNumber pullRequestLink codeOwners region eduVideoLink resource service accountName cloudEnv secret secretType secretTypeDescription secretStatus image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source sourceLink ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup cloudResourceTags location locationLink parameter test cvss evidence request response dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } cbomId prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } triage { triageStatus createdBy createdAt } runtimeStatus eventCount pod parentProcess process processPath command connection eventArgs eventFlags } additionalTabs { type aggItems { originalSeverity oxSeverity callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy changeAuthorName mergeDate dateCommitPushed pullRequestNumber pullRequestLink codeOwners region eduVideoLink resource service accountName cloudEnv secret secretType secretTypeDescription secretStatus image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source sourceLink ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup cloudResourceTags location locationLink parameter test cvss evidence request response dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } cbomId prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } triage { triageStatus createdBy createdAt } runtimeStatus eventCount pod parentProcess process processPath command connection eventArgs eventFlags } } issueDetailsHeaders { id label featureFlag } compliance { standard standardLink control category description categoryLink controlLink } sbom { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain runtimeStatus runtimeContext { runtimeStatus cloudContexts { provider accountId region clusterName namespace containerRuntime } } libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager purl packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } runtimeStatus runtimeContext { runtimeStatus cloudContexts { provider accountId region clusterName namespace containerRuntime } } usedVersionReleaseDate projectDescription firstSeenDate } dependencyGraph { nodes { id name width height vulnerable } allNodes { id name width height vulnerable } edges { v w } allEdges { v w } } groupId name mainTitle secondTitle scanId sla { daysPastSLA status } issueUpdatedAt scanDate description impact exposure severity owners ownerEmails occurrences score { value comments } orgConScore connector learnMore extraInfo { key val value snippet { detectionType fileName snippetLineNumber language text } link callBranch iconLink tags } resource { id type } appName app { id name businessPriority riskScore secPosture type typeComments applicationFlows { artifacts { type name hashType system subType hash size date location { runBy foundBy foundIn link } linkName k8sType cluster region } cloudDeployments { type subType name hash hashType link location { runBy foundBy foundIn link } k8sType imageName date cluster region } cicdInfo { type system latestDate lastMonthJobCount location { runBy foundBy foundIn link } } orchestrators { type name hashType system hash size date location { runBy foundBy foundIn link } } kubernetes { type name hashType system hash subType size date location { runBy foundBy foundIn link } } repository { type system date location { runBy foundBy foundIn link } } } fakeApp originBranchName repoId organization repoName owners { name email roles } credentialsId lastCodeChange createdAt publicVisibility branch } policy { id name detailedDescription } issueId category { name categoryId subCategoryName subCategoryComment } aggregations { type columns { columns { header key tooltip href type } comment } items { originalSeverity oxSeverity callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy changeAuthorName mergeDate dateCommitPushed pullRequestNumber pullRequestLink codeOwners region eduVideoLink resource service accountName cloudEnv secret secretType secretTypeDescription secretStatus image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source sourceLink ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup cloudResourceTags location locationLink parameter test cvss evidence request response dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } cbomId prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } triage { triageStatus createdBy createdAt } runtimeStatus eventCount pod parentProcess process processPath command connection eventArgs eventFlags } } recommendation multipleRecommendation { type steps { title command postCommandExplanation } } sourceTools ruleId fixes { settingType tooltip description warning confirmation inputs { type name options { name selected metadata info displayName isDisabled } multiSelect maxSelect minSelect displayName } } fixAppliedDeatils { appliedBy appliedDate } cwe fixLink cweList { name description url } dependencyChain publicExploitLink createdAt tickets { provider ticketId createdBy issueId issueName appName appId category assignee reporter link project issueType key } slackNotification { channelName timestamp } messages { messagingVendor recipients { name id type } createdAt } fixIssue { fixType fixTitle fixDescription isFixApplied fixAppliedBy sourceControlType fixDate } requestContent responseContent autoFix { fixType fixTitle fixDescription isFixApplied fixAppliedBy sourceControlType fixDate } lowerSeverityReason severityChange originalToolSeverity scaVulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain runtimeStatus runtimeContext { runtimeStatus cloudContexts { provider accountId region clusterName namespace containerRuntime } } libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } dependencyGraphNodes { id name width height vulnerable } dependencyGraphEdges { v w } scaTriggerPkg scaTriggerPkgs { scaTriggerPkg fileName } pkgSemanticVersion severityChangeReason severityChangedReason { changeNumber withoutAutoNumbering evidenceLabel reason shortName changeCategory extraInfo { key value link snippet { snippetLineNumber language text fileName } iconLink callBranch } extraInfoContainer { layerSha layerNum artifactName sha registryName } order } aggSeverityExplanation isNew newReason aggSFsForCalcDisplay { changeNumber withoutAutoNumbering evidenceLabel reason shortName changeCategory extraInfo { key value link snippet { snippetLineNumber language text fileName } iconLink callBranch } extraInfoContainer { layerSha layerNum artifactName sha registryName } order } resolvedIssueDate isPRAvailable cicdFields { issueStatus sourceBranch targetBranch jobId jobTriggeredAt jobTriggeredAtDate jobTriggeredBy jobTriggeredReason jobUrl pullRequestId pullRequestUrl enforcement excludedByAlert cicdEventType workflows { id name } } comment comments { commentId text authorId authorEmail authorName createdAt updatedAt } excludedByAlert excludedByPolicy excludedByApp countRule exclusionId languageInfo { name version } isMonoRepoChild monoRepoParent isFixAvailable isFixApplied isGPTFixAvailable oscarData { name description url id } gptInfo { gptResponse user createdAt } prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } tags { tagId name email displayName tagType createdBy purpose deploymentModel tagCategory } originalSeverity overrideSeverity isFalsePositive falsePositiveComment isCanceledFalsePositive cancelFalsePositiveComment falsePositiveDetails { canceledBy reportedBy commentWhenCanceled aggregationsStatus } issueStatus scanIssueStatus resolvedReason resolvedDetails resolvedReasonDetails { description } disappearedReason disappearedDetails disappearedReasonDetails { description } disappearedDate correlatedIssueId correlatedRegistry scaFixType previousSeverity { severity severityChangedDate } version severityFactorsDiff { shortName change status } exposedByApiItems { apiId codeLocations { link callBranch } } originBranchName exclusionComment exclusionExpiredAt problematicPkg serverlessDeploymentOperation { userIdentity { type principalId arn accountId accessKeyId sessionContext { sessionIssuer { type principalId arn accountId userName } attributes { creationDate mfaAuthenticated } } } deploymentTime sourceIPAddress userAgent connectedFromConsole location linkToCode functionName functionArn internalFunctionName cloudRegion version revisionId codeSha256 entryPoint codeSize memorySize timeout runtime runtimeVersionConfig { runtimeVersionArn } architectures role recipientAccountId description } eventFromExternalTool issueOwners { name email } overrideIssueOwner originalIssueOwners { name email } cveExclusions { label recommended tooltip type id oxRuleId level excludeBy uidOnly isDefault ffKey exclusionScope } } totalIssues totalFilteredIssues totalResolvedIssues offset totalActiveIssues selectedPosition topOffset cursorValue } }",
"variables": {
"getIssuesInput": {
"scanID": "",
"limit": 100,
"page": 1,
"search": [
{
"fieldName": "example",
"value": ["example"]
}
],
"offset": 0,
"sort": {
"fields": ["Category"],
"order": ["ASC"]
},
"owners": ["example"],
"tagIds": ["example"],
"inventoryFilters": ["New"],
"dateRange": {
"from": 1749000000000,
"to": 1749900000000
},
"limitAggItems": 42,
"offsetAggItems": 42,
"ignoreEnvCheck": true,
"exportsOptions": {
"flattenAgg": true,
"isDemoEnabled": true,
"name": "SomeName",
"columns": [
{
"key": "Severity",
"name": "SomeName"
}
],
"rowsLimit": 42
},
"issueId": "30966426-oxPolicy_securityCloudScan_100-example",
"topOffset": 42,
"topLevelSearch": "example",
"scrollDirection": "example",
"openItems": ["digest"],
"conditionalFilters": [
{
"condition": "AND",
"fieldName": "digest",
"values": ["example"],
"greaterThan": 13.37,
"lessThan": 13.37
}
],
"cursorValue": "example"
}
}
}'
```
{% endtab %}
{% tab title="Node.js" %}
```javascript
const query = 'query GetIssues($getIssuesInput: IssuesInput) { getIssues(getIssuesInput: $getIssuesInput) { issues { importantSeverityBreakdown overrideSeverityReason highestOXCVESeverity latestCommit { originalSeverity oxSeverity callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy changeAuthorName mergeDate dateCommitPushed pullRequestNumber pullRequestLink codeOwners region eduVideoLink resource service accountName cloudEnv secret secretType secretTypeDescription secretStatus image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source sourceLink ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup cloudResourceTags location locationLink parameter test cvss evidence request response dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } cbomId prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } triage { triageStatus createdBy createdAt } runtimeStatus eventCount pod parentProcess process processPath command connection eventArgs eventFlags } additionalTabs { type aggItems { originalSeverity oxSeverity callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy changeAuthorName mergeDate dateCommitPushed pullRequestNumber pullRequestLink codeOwners region eduVideoLink resource service accountName cloudEnv secret secretType secretTypeDescription secretStatus image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source sourceLink ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup cloudResourceTags location locationLink parameter test cvss evidence request response dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } cbomId prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } triage { triageStatus createdBy createdAt } runtimeStatus eventCount pod parentProcess process processPath command connection eventArgs eventFlags } } issueDetailsHeaders { id label featureFlag } compliance { standard standardLink control category description categoryLink controlLink } sbom { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain runtimeStatus runtimeContext { runtimeStatus cloudContexts { provider accountId region clusterName namespace containerRuntime } } libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager purl packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } runtimeStatus runtimeContext { runtimeStatus cloudContexts { provider accountId region clusterName namespace containerRuntime } } usedVersionReleaseDate projectDescription firstSeenDate } dependencyGraph { nodes { id name width height vulnerable } allNodes { id name width height vulnerable } edges { v w } allEdges { v w } } groupId name mainTitle secondTitle scanId sla { daysPastSLA status } issueUpdatedAt scanDate description impact exposure severity owners ownerEmails occurrences score { value comments } orgConScore connector learnMore extraInfo { key val value snippet { detectionType fileName snippetLineNumber language text } link callBranch iconLink tags } resource { id type } appName app { id name businessPriority riskScore secPosture type typeComments applicationFlows { artifacts { type name hashType system subType hash size date location { runBy foundBy foundIn link } linkName k8sType cluster region } cloudDeployments { type subType name hash hashType link location { runBy foundBy foundIn link } k8sType imageName date cluster region } cicdInfo { type system latestDate lastMonthJobCount location { runBy foundBy foundIn link } } orchestrators { type name hashType system hash size date location { runBy foundBy foundIn link } } kubernetes { type name hashType system hash subType size date location { runBy foundBy foundIn link } } repository { type system date location { runBy foundBy foundIn link } } } fakeApp originBranchName repoId organization repoName owners { name email roles } credentialsId lastCodeChange createdAt publicVisibility branch } policy { id name detailedDescription } issueId category { name categoryId subCategoryName subCategoryComment } aggregations { type columns { columns { header key tooltip href type } comment } items { originalSeverity oxSeverity callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy changeAuthorName mergeDate dateCommitPushed pullRequestNumber pullRequestLink codeOwners region eduVideoLink resource service accountName cloudEnv secret secretType secretTypeDescription secretStatus image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source sourceLink ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup cloudResourceTags location locationLink parameter test cvss evidence request response dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } cbomId prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } triage { triageStatus createdBy createdAt } runtimeStatus eventCount pod parentProcess process processPath command connection eventArgs eventFlags } } recommendation multipleRecommendation { type steps { title command postCommandExplanation } } sourceTools ruleId fixes { settingType tooltip description warning confirmation inputs { type name options { name selected metadata info displayName isDisabled } multiSelect maxSelect minSelect displayName } } fixAppliedDeatils { appliedBy appliedDate } cwe fixLink cweList { name description url } dependencyChain publicExploitLink createdAt tickets { provider ticketId createdBy issueId issueName appName appId category assignee reporter link project issueType key } slackNotification { channelName timestamp } messages { messagingVendor recipients { name id type } createdAt } fixIssue { fixType fixTitle fixDescription isFixApplied fixAppliedBy sourceControlType fixDate } requestContent responseContent autoFix { fixType fixTitle fixDescription isFixApplied fixAppliedBy sourceControlType fixDate } lowerSeverityReason severityChange originalToolSeverity scaVulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain runtimeStatus runtimeContext { runtimeStatus cloudContexts { provider accountId region clusterName namespace containerRuntime } } libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } dependencyGraphNodes { id name width height vulnerable } dependencyGraphEdges { v w } scaTriggerPkg scaTriggerPkgs { scaTriggerPkg fileName } pkgSemanticVersion severityChangeReason severityChangedReason { changeNumber withoutAutoNumbering evidenceLabel reason shortName changeCategory extraInfo { key value link snippet { snippetLineNumber language text fileName } iconLink callBranch } extraInfoContainer { layerSha layerNum artifactName sha registryName } order } aggSeverityExplanation isNew newReason aggSFsForCalcDisplay { changeNumber withoutAutoNumbering evidenceLabel reason shortName changeCategory extraInfo { key value link snippet { snippetLineNumber language text fileName } iconLink callBranch } extraInfoContainer { layerSha layerNum artifactName sha registryName } order } resolvedIssueDate isPRAvailable cicdFields { issueStatus sourceBranch targetBranch jobId jobTriggeredAt jobTriggeredAtDate jobTriggeredBy jobTriggeredReason jobUrl pullRequestId pullRequestUrl enforcement excludedByAlert cicdEventType workflows { id name } } comment comments { commentId text authorId authorEmail authorName createdAt updatedAt } excludedByAlert excludedByPolicy excludedByApp countRule exclusionId languageInfo { name version } isMonoRepoChild monoRepoParent isFixAvailable isFixApplied isGPTFixAvailable oscarData { name description url id } gptInfo { gptResponse user createdAt } prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } tags { tagId name email displayName tagType createdBy purpose deploymentModel tagCategory } originalSeverity overrideSeverity isFalsePositive falsePositiveComment isCanceledFalsePositive cancelFalsePositiveComment falsePositiveDetails { canceledBy reportedBy commentWhenCanceled aggregationsStatus } issueStatus scanIssueStatus resolvedReason resolvedDetails resolvedReasonDetails { description } disappearedReason disappearedDetails disappearedReasonDetails { description } disappearedDate correlatedIssueId correlatedRegistry scaFixType previousSeverity { severity severityChangedDate } version severityFactorsDiff { shortName change status } exposedByApiItems { apiId codeLocations { link callBranch } } originBranchName exclusionComment exclusionExpiredAt problematicPkg serverlessDeploymentOperation { userIdentity { type principalId arn accountId accessKeyId sessionContext { sessionIssuer { type principalId arn accountId userName } attributes { creationDate mfaAuthenticated } } } deploymentTime sourceIPAddress userAgent connectedFromConsole location linkToCode functionName functionArn internalFunctionName cloudRegion version revisionId codeSha256 entryPoint codeSize memorySize timeout runtime runtimeVersionConfig { runtimeVersionArn } architectures role recipientAccountId description } eventFromExternalTool issueOwners { name email } overrideIssueOwner originalIssueOwners { name email } cveExclusions { label recommended tooltip type id oxRuleId level excludeBy uidOnly isDefault ffKey exclusionScope } } totalIssues totalFilteredIssues totalResolvedIssues offset totalActiveIssues selectedPosition topOffset cursorValue } }';
fetch("https://api.cloud.ox.security/api/apollo-gateway", {
method: "POST",
headers: {
"Content-Type": "application/json",
"Authorization": "YOUR_API_TOKEN"
},
body: JSON.stringify({
query: query,
// This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
variables: {
getIssuesInput: {
scanID: "",
limit: 100,
page: 1,
search: [
{
fieldName: "example",
value: ["example"]
}
],
offset: 0,
sort: {
fields: ["Category"],
order: ["ASC"]
},
owners: ["example"],
tagIds: ["example"],
inventoryFilters: ["New"],
dateRange: {
from: 1749000000000,
to: 1749900000000
},
limitAggItems: 42,
offsetAggItems: 42,
ignoreEnvCheck: true,
exportsOptions: {
flattenAgg: true,
isDemoEnabled: true,
name: "SomeName",
columns: [
{
key: "Severity",
name: "SomeName"
}
],
rowsLimit: 42
},
issueId: "30966426-oxPolicy_securityCloudScan_100-example",
topOffset: 42,
topLevelSearch: "example",
scrollDirection: "example",
openItems: ["digest"],
conditionalFilters: [
{
condition: "AND",
fieldName: "digest",
values: ["example"],
greaterThan: 13.37,
lessThan: 13.37
}
],
cursorValue: "example"
}
}
})
})
.then(response => response.json())
.then(result => console.log(JSON.stringify(result, null, 2)))
.catch(error => console.error('Error:', error));
```
{% endtab %}
{% tab title="Python" %}
```python
import requests
query = 'query GetIssues($getIssuesInput: IssuesInput) { getIssues(getIssuesInput: $getIssuesInput) { issues { importantSeverityBreakdown overrideSeverityReason highestOXCVESeverity latestCommit { originalSeverity oxSeverity callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy changeAuthorName mergeDate dateCommitPushed pullRequestNumber pullRequestLink codeOwners region eduVideoLink resource service accountName cloudEnv secret secretType secretTypeDescription secretStatus image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source sourceLink ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup cloudResourceTags location locationLink parameter test cvss evidence request response dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } cbomId prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } triage { triageStatus createdBy createdAt } runtimeStatus eventCount pod parentProcess process processPath command connection eventArgs eventFlags } additionalTabs { type aggItems { originalSeverity oxSeverity callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy changeAuthorName mergeDate dateCommitPushed pullRequestNumber pullRequestLink codeOwners region eduVideoLink resource service accountName cloudEnv secret secretType secretTypeDescription secretStatus image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source sourceLink ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup cloudResourceTags location locationLink parameter test cvss evidence request response dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } cbomId prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } triage { triageStatus createdBy createdAt } runtimeStatus eventCount pod parentProcess process processPath command connection eventArgs eventFlags } } issueDetailsHeaders { id label featureFlag } compliance { standard standardLink control category description categoryLink controlLink } sbom { id references { triggerPackage location locationLink dependencyType dependencyLevel commit { commitedAt committerName committerEmail } fileName } language libraryName libraryVersion license appName location dependencyType source appId locationLink appLink pkgName copyWriteInfo copyWriteInfoLink libLink vulnerabilityCounts { appox critical high medium low info } triggerPackage vulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain runtimeStatus runtimeContext { runtimeStatus cloudContexts { provider accountId region clusterName namespace containerRuntime } } libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } latestVersion latestVersionDate stars forks openIssues packageManager purl packageManagerLink maintainers contributors downloads sourceLink notPopular licenseIssue malicious malwareType osVname notMaintained isDeprecated notImported notUpdated dependencyLevel requestId licenseLink artifactInSbomLibs { image imageLink imageCreatedAt sha os osVersion baseImage baseImageVersion tag layer registryName source } sha maintainersList { name email } runtimeStatus runtimeContext { runtimeStatus cloudContexts { provider accountId region clusterName namespace containerRuntime } } usedVersionReleaseDate projectDescription firstSeenDate } dependencyGraph { nodes { id name width height vulnerable } allNodes { id name width height vulnerable } edges { v w } allEdges { v w } } groupId name mainTitle secondTitle scanId sla { daysPastSLA status } issueUpdatedAt scanDate description impact exposure severity owners ownerEmails occurrences score { value comments } orgConScore connector learnMore extraInfo { key val value snippet { detectionType fileName snippetLineNumber language text } link callBranch iconLink tags } resource { id type } appName app { id name businessPriority riskScore secPosture type typeComments applicationFlows { artifacts { type name hashType system subType hash size date location { runBy foundBy foundIn link } linkName k8sType cluster region } cloudDeployments { type subType name hash hashType link location { runBy foundBy foundIn link } k8sType imageName date cluster region } cicdInfo { type system latestDate lastMonthJobCount location { runBy foundBy foundIn link } } orchestrators { type name hashType system hash size date location { runBy foundBy foundIn link } } kubernetes { type name hashType system hash subType size date location { runBy foundBy foundIn link } } repository { type system date location { runBy foundBy foundIn link } } } fakeApp originBranchName repoId organization repoName owners { name email roles } credentialsId lastCodeChange createdAt publicVisibility branch } policy { id name detailedDescription } issueId category { name categoryId subCategoryName subCategoryComment } aggregations { type columns { columns { header key tooltip href type } comment } items { originalSeverity oxSeverity callBranch linkToExternalProduct stars forks downloads vulBySeverity nameAndVer sourceRepoName sourceRepoLink sourceCreationDate sourceLastModifyDate destinationRepoName destinationRepoLink destinationCreationDate destinationLastModifyDate destinationRepoVisibility reasons _id url additionalToolData events allEvents pushType sha title link mergedBy date fileCount diffInDays reviewers user userLink userAvatar devOperation devOperationDate adminOperation adminOperationDate reviewOperation reviewOperationDate orgRole earliestActivityDate repoPermissions adminLocation email pullRequestsCount diffFromNowToCreatedAtInDays username accessLevel createdAt lastAccess fileName fileUri startLine endLine match snippet commitLink commitBy changeAuthorName mergeDate dateCommitPushed pullRequestNumber pullRequestLink codeOwners region eduVideoLink resource service accountName cloudEnv secret secretType secretTypeDescription secretStatus image imageCreatedAt pkgCount dockerVer os binariesCount tag reputation sha256 size pushedAt source sourceLink ruleId realMatch excludedByAlert filePath lockfile accountId snippetLineNumber language daysOpen isFixAvailable aggId pkgName installedVersion fixedVersion triggerPkgName triggerPkgVersion triggerPkgUpgradeVersion dependencyType branch hashAggId repo repoCreator lastCodeDate lastAdminOperation exclusionId numberOfReposDomainAppear layer baseImage imageLink registryName project resourceGroup cloudResourceTags location locationLink parameter test cvss evidence request response dastUrl method parameterType value cluster type cloudType k8sType consoleLink name subscriptionId stringifiedClusters aggStatus falsePositive { isFalsePositive comment reportedBy reportedAt isCanceled cancelComment canceledBy canceledAt commentWhenCanceled } cbomId prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } triage { triageStatus createdBy createdAt } runtimeStatus eventCount pod parentProcess process processPath command connection eventArgs eventFlags } } recommendation multipleRecommendation { type steps { title command postCommandExplanation } } sourceTools ruleId fixes { settingType tooltip description warning confirmation inputs { type name options { name selected metadata info displayName isDisabled } multiSelect maxSelect minSelect displayName } } fixAppliedDeatils { appliedBy appliedDate } cwe fixLink cweList { name description url } dependencyChain publicExploitLink createdAt tickets { provider ticketId createdBy issueId issueName appName appId category assignee reporter link project issueType key } slackNotification { channelName timestamp } messages { messagingVendor recipients { name id type } createdAt } fixIssue { fixType fixTitle fixDescription isFixApplied fixAppliedBy sourceControlType fixDate } requestContent responseContent autoFix { fixType fixTitle fixDescription isFixApplied fixAppliedBy sourceControlType fixDate } lowerSeverityReason severityChange originalToolSeverity scaVulnerabilities { issueId oxSeverity severityNumberFromTool severityFromTool cve cveLink cvsVer cvssVersion epss percentile libName dependencyChain runtimeStatus runtimeContext { runtimeStatus cloudContexts { provider accountId region clusterName namespace containerRuntime } } libVersion chainDepth exploitInTheWild exploitInTheWildLink description dateDiscovered minorVerWithFix majorVerWithFix exploitRequirement exploitCode originalSeverity } dependencyGraphNodes { id name width height vulnerable } dependencyGraphEdges { v w } scaTriggerPkg scaTriggerPkgs { scaTriggerPkg fileName } pkgSemanticVersion severityChangeReason severityChangedReason { changeNumber withoutAutoNumbering evidenceLabel reason shortName changeCategory extraInfo { key value link snippet { snippetLineNumber language text fileName } iconLink callBranch } extraInfoContainer { layerSha layerNum artifactName sha registryName } order } aggSeverityExplanation isNew newReason aggSFsForCalcDisplay { changeNumber withoutAutoNumbering evidenceLabel reason shortName changeCategory extraInfo { key value link snippet { snippetLineNumber language text fileName } iconLink callBranch } extraInfoContainer { layerSha layerNum artifactName sha registryName } order } resolvedIssueDate isPRAvailable cicdFields { issueStatus sourceBranch targetBranch jobId jobTriggeredAt jobTriggeredAtDate jobTriggeredBy jobTriggeredReason jobUrl pullRequestId pullRequestUrl enforcement excludedByAlert cicdEventType workflows { id name } } comment comments { commentId text authorId authorEmail authorName createdAt updatedAt } excludedByAlert excludedByPolicy excludedByApp countRule exclusionId languageInfo { name version } isMonoRepoChild monoRepoParent isFixAvailable isFixApplied isGPTFixAvailable oscarData { name description url id } gptInfo { gptResponse user createdAt } prDeatils { sourceControlType issueId appId repo prId prURL prBranchName commitMessage commiter comment date prTitle prBody prStatus prApprover prReviewer prMergeTime } tags { tagId name email displayName tagType createdBy purpose deploymentModel tagCategory } originalSeverity overrideSeverity isFalsePositive falsePositiveComment isCanceledFalsePositive cancelFalsePositiveComment falsePositiveDetails { canceledBy reportedBy commentWhenCanceled aggregationsStatus } issueStatus scanIssueStatus resolvedReason resolvedDetails resolvedReasonDetails { description } disappearedReason disappearedDetails disappearedReasonDetails { description } disappearedDate correlatedIssueId correlatedRegistry scaFixType previousSeverity { severity severityChangedDate } version severityFactorsDiff { shortName change status } exposedByApiItems { apiId codeLocations { link callBranch } } originBranchName exclusionComment exclusionExpiredAt problematicPkg serverlessDeploymentOperation { userIdentity { type principalId arn accountId accessKeyId sessionContext { sessionIssuer { type principalId arn accountId userName } attributes { creationDate mfaAuthenticated } } } deploymentTime sourceIPAddress userAgent connectedFromConsole location linkToCode functionName functionArn internalFunctionName cloudRegion version revisionId codeSha256 entryPoint codeSize memorySize timeout runtime runtimeVersionConfig { runtimeVersionArn } architectures role recipientAccountId description } eventFromExternalTool issueOwners { name email } overrideIssueOwner originalIssueOwners { name email } cveExclusions { label recommended tooltip type id oxRuleId level excludeBy uidOnly isDefault ffKey exclusionScope } } totalIssues totalFilteredIssues totalResolvedIssues offset totalActiveIssues selectedPosition topOffset cursorValue } }'
response = requests.post(
"https://api.cloud.ox.security/api/apollo-gateway",
headers={
"Content-Type": "application/json",
"Authorization": "YOUR_API_TOKEN"
},
json={
"query": query,
# This is an example input showing all available input fields. Only fields marked as required in the schema are mandatory.
"variables": {
"getIssuesInput": {
"scanID": "",
"limit": 100,
"page": 1,
"search": [
{
"fieldName": "example",
"value": ["example"]
}
],
"offset": 0,
"sort": {
"fields": ["Category"],
"order": ["ASC"]
},
"owners": ["example"],
"tagIds": ["example"],
"inventoryFilters": ["New"],
"dateRange": {
"from": 1749000000000,
"to": 1749900000000
},
"limitAggItems": 42,
"offsetAggItems": 42,
"ignoreEnvCheck": true,
"exportsOptions": {
"flattenAgg": true,
"isDemoEnabled": true,
"name": "SomeName",
"columns": [
{
"key": "Severity",
"name": "SomeName"
}
],
"rowsLimit": 42
},
"issueId": "30966426-oxPolicy_securityCloudScan_100-example",
"topOffset": 42,
"topLevelSearch": "example",
"scrollDirection": "example",
"openItems": ["digest"],
"conditionalFilters": [
{
"condition": "AND",
"fieldName": "digest",
"values": ["example"],
"greaterThan": 13.37,
"lessThan": 13.37
}
],
"cursorValue": "example"
}
}
}
)
if response.status_code == 200:
result = response.json()
print(result)
else:
print(f"Error: {response.status_code}")
print(response.text)
```
{% endtab %}
{% endtabs %}
### Arguments
You can use the following argument(s) to customize your `getIssues` query.
| Argument | Description | Supported fields |
| -------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| getIssuesInput [`IssuesInput`](/api-documentation/api-reference/api--issue/types/inputs/issues-input.md) | Parameters for filtering, sorting, and paginating the issues list, including search criteria, severity filters, and display preferences | scanID String
limit Int!
page Int
search \[AutoCompleteSearch]
offset Int
filters IssueFilters
sort IssuesSort
owners \[String]
tagIds \[String]
inventoryFilters \[InventoryTypes]
dateRange DateRange
limitAggItems Int
offsetAggItems Int
ignoreEnvCheck Boolean
exportsOptions IssuesExportOptions
issueId String
topOffset Int
topLevelSearch String
scrollDirection String
openItems \[FilterTypes]
conditionalFilters \[ConditionalFilters]
cursorValue String
|
### Fields
Return type: [`IssuesResponse`](/api-documentation/api-reference/api--issue/types/objects/issues-response.md)
You can use the following field(s) to specify what information your `getIssues` query will return. Please note that some fields may have their own subfields.
| Field | Description | Supported fields |
| -------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| issues [`[Issue]`](/api-documentation/api-reference/api--issue/types/objects/issue.md) | List of issues or alerts associated with the query | importantSeverityBreakdown \[String]
isCVERelated Boolean ⚠️
overrideSeverityReason String
highestOXCVESeverity String
latestCommit AggItem
additionalTabs \[AdditionalTab]
issueDetailsHeaders \[IssueDetailsTabs]
compliance \[ComplianceItem]
sbom SbomLib
dependencyGraph SbomDependencyGraphResponse
groupId String
name String
mainTitle String
secondTitle String
scanId String
created Float ⚠️
sla SlaData
issueUpdatedAt Float
scanDate Float
description String
impact String
exposure String
severity String
owners \[String]
ownerEmails \[String]
occurrences Int
score IssueScore
orgConScore Float
connector String
learnMore \[String]
extraInfo \[ExtraInfo]
resource IssueResource
appName String
app IAppsInfo
policy IPolicy
issueId String
category ICategory
aggregations IAggregations
recommendation String
multipleRecommendation \[RecommendationType]
sourceTools \[String]
ruleId String
fixes PolicyFix
fixAppliedDeatils FixAppliedDeatils
cwe \[String]
fixLink String
cweList \[CweList]
dependencyChain \[String]
publicExploitLink String
createdAt Float
tickets \[Ticket]
slackNotification \[SlackNotification]
messages \[IssueMessage]
fixIssue FixIssue
requestContent String
responseContent String
autoFix FixIssue
lowerSeverityReason \[String]
severityChange String
originalToolSeverity String
scaVulnerabilities \[SCAVulnerability]
dependencyGraphNodes \[DependencyNode]
dependencyGraphEdges \[DependencyEdge]
scaTriggerPkg String
scaTriggerPkgs \[TriggerPackage]
pkgSemanticVersion String
graphExist Boolean ⚠️
severityChangeReason \[String]
severityChangedReason \[SeverityChangedReason]
aggSeverityExplanation String
isNew Boolean
newReason String
aggSFsForCalcDisplay \[SeverityChangedReason]
resolvedIssueDate Float
isPRAvailable Boolean
cicdFields CICDFields
comment String
comments \[IssueComment]
excludedByAlert Boolean
excludedByPolicy Boolean
excludedByApp Boolean
countRule CountRule
exclusionId String
languageInfo LanguageInfo
isMonoRepoChild Boolean
monoRepoParent String
isFixAvailable Boolean
isFixApplied Boolean
isGPTFixAvailable Boolean
oscarData \[OscarItem]
gptInfo GPTInfo
prDeatils PullRequest
tags \[AppTag]
originalSeverity Int
overrideSeverity Boolean
isFalsePositive Boolean
falsePositiveComment String
isCanceledFalsePositive Boolean
cancelFalsePositiveComment String
falsePositiveDetails FalsePositiveDetails
issueStatus IssueStatus
scanIssueStatus IssueStatus
resolvedReason String
resolvedDetails String
resolvedReasonDetails ReasonDetails
disappearedReason String
disappearedDetails String
disappearedReasonDetails ReasonDetails
disappearedDate Float
correlatedIssueId String
correlatedRegistry String
scaFixType ScaFixType
previousSeverity PrevSeverity
version String
severityFactorsDiff \[SeverityFactorsDiff]
exposedByApiItems \[ExposedByApiItem]
originBranchName String
exclusionComment String
exclusionExpiredAt Date
problematicPkg String
serverlessDeploymentOperation ServerlessDeploymentOperation
eventFromExternalTool Boolean
issueOwners \[IOwner]
overrideIssueOwner Boolean
originalIssueOwners \[IOwner]
cveExclusions \[RecommendedExclusions]
|
| totalIssues `Int` | Total count of issues without any filters applied | |
| totalFilteredIssues `Int` | Total count of issues considering applied filters | |
| totalResolvedIssues `Int` | Total count of resolved issues | |
| offset `Int` | Offset value to skip records in paginated responses | |
| totalActiveIssues `Int` | Total count of active issues | |
| selectedPosition `Int` | Selected position in the issue list | |
| topOffset `Int` | Offset value used for top-level pagination | |
| cursorValue `String` | A value returned by the API that represents the position of the last item in the previous page. Use this value to paginate efficiently through the results. Pass the cursorValue from the previous API response to fetch the next page of results. If omitted, the API returns the first page. | |
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.ox.security/api-documentation/api-reference/api--issue/queries/get-issues.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.