getArtifacts
The getArtifacts API retrieves all artifacts associated with a specific organization. Artifacts are typically software components, container images, libraries, or other digital assets that have been scanned for security vulnerabilities and compliance issues. This API provides a structured way to access, filter, and analyze artifacts within your system.
With this API, you can:
Retrieve a list of artifacts linked to a given organization ID.
Access detailed metadata for each artifact, including version, repository, associated vulnerabilities, and security posture.
Sort and filter artifacts based on various criteria to track security risks, compliance status, and artifact integrity.
Type
Query
Query Example
query GetArtifacts {
getArtifacts {
artifacts {
vulnDepIssues
vulnDepBaseIssues
vulnDepInstructionIssues
secretIssues
id
appDescription {
appName
appType
appId
businessPriority
}
artifactInfo {
type
name
version
hash
artifactIntegrity
registry
}
categories {
catId
severities {
info
low
medium
high
critical
appox
}
name
score
}
artifactCategories {
catId
name
score
}
registryDescription {
type
name
project
link
hash
tags
username
userType
uploadTime
lastUpdate
buildTime
}
cloudData {
cloudIdentifier
link
lastExecutionTime
lastModifiedTime
account
zone
cluster
cloudDescription {
type
subType
cloudEntityAttributes {
... on ECS {
os
cpu
memory
containers
registeredAt
registeredBy
account
zone
}
}
}
}
totalIssuesBySeverity {
info
low
medium
high
critical
appox
}
packages {
appId
appName
repoName
link
type
}
}
offset
total
totalFilteredArtifacts
}
}Parameters
getArtifactsInput
GetArtifactsInput object
Input variables
Object Variable
Description
Value
dateRange
Date range.
DateRange = {"from":0,"to":4294967295}
filters
Artifact filters applied.
ArtifactFilters = {}
limit
Maximum number of items to return.
Int = 100
offset
Offset for pagination.
Int = 0
search
Search string.
String
sort
Sorting configuration for artifacts.
ArtifactsSort = {"field":["Created"],"order":["DESC"]}
Response object variables
Response fields
Object Variable
Description
Value
appDescription
ArtifactApplication
artifactInfo
IArtifactInfo
categories
[ArtifactCategories]
cloudData
[CloudArtifactData]
id
Unique identifier.
String
packages
[ArtifactPackage]
registryDescription
[ArtifactRegistryDescription]
secretIssues
List of secret issues.
[String]
totalIssuesBySeverity
Issues categorized by severity.
Severities
vulnDepBaseIssues
List of vulnerable dependency base issues.
[String]
vulnDepInstructionIssues
List of vulnerable dependency instruction issues.
[String]
vulnDepIssues
List of vulnerable dependency issues.
[String]
appDescription object variables
appDescription object variablesObject Variable
Description
Value
appId
Unique application ID.
String
appName
Name of the application.
String
appType
Type of the application.
String
businessPriority
Business priority.
Float
artifactInfo object variables
artifactInfo object variablesObject Variable
Description
Value
artifactIntegrity
Integrity of the artifact.
String
hash
Hash value of the artifact.
String
name
Name of the artifact.
String
registry
Registry information.
String
type
Type of artifact info.
ArtifactInfoTypes (values: Container, Lambda, NPM, Yarn, Serverless)
version
Version of the artifact.
String
categories object variables
categories object variablesObject Variable
Description
Value
catId
Category ID of issues.
String
name
Name of the category.
String (e.g., "Code Security", "Secrets", etc.)
score
Highest severity issue for the artifact.
String
severities
Severity levels.
Int (values: appox, critical, high, info, low, medium)
cloudData object variables
cloudData object variablesObject Variable
Description
Value
account
Account information.
String
cloudIdentifier
Identifier for the cloud object.
String (e.g., EKS, AKS, etc.)
cloudDescription
CloudDescription
cluster
Cluster information.
String
lastExecutionTime
Time of the last execution.
Float
lastModifiedTime
Time of the last modification.
Float
link
Associated link.
String
zone
Zone information.
String
cloudDescription object variables
cloudDescription object variablesObject Variable
Description
Value
cloudEntityAttributes
CommonCloudAttributesUnion
subType
Subtype of the cloud entity.
CloudSubTypes (values: Lambda, CloudFunction, ECS, EKS, AKS, GKE, EC2, ComputeEngine)
type
Type of the cloud entity.
CloudTypes (values: AWS, GCP, Azure)
cloudEntityAttributes objects: ECS
Object Variable
Description
Value
account
Account information.
String
containers
Container details.
String
cpu
CPU details.
String
memory
Memory details.
String
os
Operating system.
String
registeredAt
Registration timestamp.
Float
registeredBy
Registered by user or entity.
String
zone
Zone information.
String
packages object variables
packages object variablesA list of repositories, each used to build a package that was installed on the artifact.
Object Variable
Description
Value
appId
Application ID.
String
appName
Name of the application.
String
link
Associated link.
String
repoName
Repository name.
String
type
Type of application.
String
registryDescription object variables
registryDescription object variablesObject Variable
Description
Value
buildTime
Date of image build.
Float
hash
Container image hash.
String
lastUpdate
Time of last update.
Float
link
Link to image in registry.
String
name
Container image Name.
String
project
Project name in registry.
String
tags
List of Container Image tags.
[String]
type
Registry type.
String
uploadTime
Time of image upload.
Float
getArtifacts Examples
getArtifacts ExamplesRequest Body
"getArtifactsInput": {
"offset": 0,
"limit": 50,
"filters": {},
"owners": [],
"tagIds": [],
"search": "",
"dateRange": {
"from": 1730671199999,
"to": 1738619999999
}
}
}Response Example
{
"data": {
"getArtifacts": {
"artifacts": [
{
"vulnDepIssues": null,
"vulnDepBaseIssues": null,
"vulnDepInstructionIssues": null,
"secretIssues": null,
"id": "ead4ac3c2cdd8bee9a794a7046f7cf8a508fab791b7708fb80798b402612d606_docker-service_584102675",
"appDescription": {
"appName": "OX-Security-Demo/Multi-currency-management",
"appType": "GitHub",
"appId": "584102675",
"businessPriority": 92.5
},
"artifactInfo": {
"type": "Container",
"name": "docker-service",
"version": "latest",
"hash": "ead4ac3c2cdd8bee9a794a7046f7cf8a508fab791b7708fb80798b402612d606",
"artifactIntegrity": "N/A",
"registry": "203043666164.dkr.ecr.eu-west-1.amazonaws.com"
},
"categories": [
{
"catId": "3",
"severities": {
"info": 0,
"low": 1,
"medium": 1,
"high": 2,
"critical": 0,
"appox": 0
},
"name": "Git Posture",
"score": "high"
},
{
"catId": "4",
"severities": {
"info": 2,
"low": 3,
"medium": 1,
"high": 3,
"critical": 0,
"appox": 0
},
"name": "Code Security",
"score": "high"
},
{
"catId": "5",
"severities": {
"info": 5,
"low": 0,
"medium": 3,
"high": 0,
"critical": 2,
"appox": 0
},
"name": "Secret/PII Scan",
"score": "critical"
},
{
"catId": "6",
"severities": {
"info": 11,
"low": 5,
"medium": 1,
"high": 0,
"critical": 0,
"appox": 0
},
"name": "Open Source Security",
"score": "medium"
},
{
"catId": "7",
"severities": {
"info": 4,
"low": 67,
"medium": 30,
"high": 1,
"critical": 1,
"appox": 0
},
"name": "SBOM",
"score": "critical"
},
{
"catId": "8",
"severities": {
"info": 1,
"low": 3,
"medium": 1,
"high": 0,
"critical": 0,
"appox": 0
},
"name": "Infrastructure as Code Scan",
"score": "medium"
},
{
"catId": "12",
"severities": {
"info": 15,
"low": 9,
"medium": 5,
"high": 4,
"critical": 1,
"appox": 0
},
"name": "Container Security",
"score": "critical"
},
{
"catId": "25",
"severities": {
"info": 0,
"low": 0,
"medium": 1,
"high": 1,
"critical": 0,
"appox": 0
},
"name": "CI/CD Posture",
"score": "high"
}
],
"artifactCategories": [
{
"catId": "12",
"name": "Container Security",
"score": "critical"
}
],
"registryDescription": [
{
"type": "Amazon ECR",
"name": "203043666164.dkr.ecr.eu-west-1.amazonaws.com/docker-service",
"project": "203043666164.dkr.ecr.eu-west-1.amazonaws.com",
"link": "https://eu-west-1.console.aws.amazon.com/ecr/repositories/private/203043666164/docker-service/_/image/sha256:ead4ac3c2cdd8bee9a794a7046f7cf8a508fab791b7708fb80798b402612d606/details/?region=eu-west-1",
"hash": "ead4ac3c2cdd8bee9a794a7046f7cf8a508fab791b7708fb80798b402612d606",
"tags": [
"latest"
],
"username": "Amazon ECR User",
"userType": null,
"uploadTime": 1734861214076,
"lastUpdate": 1734861214076,
"buildTime": 1734861214076
}
],
"cloudData": [],
"totalIssuesBySeverity": {
"info": 15,
"low": 9,
"medium": 5,
"high": 4,
"critical": 1,
"appox": 0
},
"packages": null
},
{
"vulnDepIssues": null,
"vulnDepBaseIssues": null,
"vulnDepInstructionIssues": null,
"secretIssues": null,
"id": "d367750263f4bba553d1285b9b733b5c6a2932bb5d16ac329956316dae397a69_bank-backend_585303099",
"appDescription": {
"appName": "OX-Security-Demo/Bank-Website-Backend",
"appType": "GitHub",
"appId": "585303099",
"businessPriority": 92.5
},
"artifactInfo": {
"type": "Container",
"name": "bank-backend",
"version": "latest",
"hash": "d367750263f4bba553d1285b9b733b5c6a2932bb5d16ac329956316dae397a69",
"artifactIntegrity": "N/A",
"registry": "ox-test-playground/global"
},
"categories": [
{
"catId": "3",
"severities": {
"info": 6,
"low": 0,
"medium": 1,
"high": 2,
"critical": 0,
"appox": 0
},
"name": "Git Posture",
"score": "high"
},
{
"catId": "4",
"severities": {
"info": 1,
"low": 3,
"medium": 2,
"high": 1,
"critical": 0,
"appox": 0
},
"name": "Code Security",
"score": "high"
},
{
"catId": "5",
"severities": {
"info": 4,
"low": 0,
"medium": 4,
"high": 5,
"critical": 0,
"appox": 0
},
"name": "Secret/PII Scan",
"score": "high"
},
{
"catId": "6",
"severities": {
"info": 3,
"low": 3,
"medium": 4,
"high": 7,
"critical": 1,
"appox": 0
},
"name": "Open Source Security",
"score": "critical"
},
{
"catId": "7",
"severities": {
"info": 0,
"low": 0,
"medium": 2,
"high": 2,
"critical": 0,
"appox": 0
},
"name": "SBOM",
"score": "high"
},
{
"catId": "8",
"severities": {
"info": 1,
"low": 1,
"medium": 0,
"high": 0,
"critical": 0,
"appox": 0
},
"name": "Infrastructure as Code Scan",
"score": "low"
},
{
"catId": "12",
"severities": {
"info": 6,
"low": 14,
"medium": 24,
"high": 25,
"critical": 0,
"appox": 1
},
"name": "Container Security",
"score": "appox"
},
{
"catId": "15",
"severities": {
"info": 0,
"low": 1,
"medium": 0,
"high": 0,
"critical": 0,
"appox": 0
},
"name": "Cloud Context",
"score": "low"
},
{
"catId": "25",
"severities": {
"info": 0,
"low": 0,
"medium": 3,
"high": 0,
"critical": 1,
"appox": 0
},
"name": "CI/CD Posture",
"score": "critical"
}
],
"artifactCategories": [
{
"catId": "12",
"name": "Container Security",
"score": "appox"
}
],
"registryDescription": [
{
"type": "Google Container Registry",
"name": "bank-backend",
"project": "ox-test-playground/global",
"link": "https://console.cloud.google.com/gcr/images/ox-test-playground/global/bank-backend",
"hash": "d367750263f4bba553d1285b9b733b5c6a2932bb5d16ac329956316dae397a69",
"tags": [
"latest"
],
"username": "Google Container Registry User",
"userType": null,
"uploadTime": 1734860730000,
"lastUpdate": 1734860730000,
"buildTime": 1734860730000
}
],
"cloudData": [],
"totalIssuesBySeverity": {
"info": 3,
"low": 8,
"medium": 13,
"high": 16,
"critical": 0,
"appox": 1
},
"packages": null
},
{
"vulnDepIssues": null,
"vulnDepBaseIssues": null,
"vulnDepInstructionIssues": null,
"secretIssues": null,
"id": "80af5bdbfa4b75f6527bb1da2fd2c2f2633126c701dadedd02b0fe72b4aacc06_juice-shop_794094176",
"appDescription": {
"appName": "OX-Security-Demo/juice-shop",
"appType": "GitHub",
"appId": "794094176",
"businessPriority": 99
},
"artifactInfo": {
"type": "Container",
"name": "juice-shop",
"version": "v1",
"hash": "80af5bdbfa4b75f6527bb1da2fd2c2f2633126c701dadedd02b0fe72b4aacc06",
"artifactIntegrity": "N/A",
"registry": "ox-test-playground/europe-west2"
},
"categories": [
{
"catId": "3",
"severities": {
"info": 0,
"low": 0,
"medium": 1,
"high": 1,
"critical": 0,
"appox": 0
},
"name": "Git Posture",
"score": "high"
},
{
"catId": "4",
"severities": {
"info": 4,
"low": 19,
"medium": 4,
"high": 5,
"critical": 1,
"appox": 0
},
"name": "Code Security",
"score": "critical"
},
{
"catId": "5",
"severities": {
"info": 0,
"low": 0,
"medium": 4,
"high": 7,
"critical": 1,
"appox": 0
},
"name": "Secret/PII Scan",
"score": "critical"
},
{
"catId": "6",
"severities": {
"info": 10,
"low": 9,
"medium": 5,
"high": 2,
"critical": 0,
"appox": 0
},
"name": "Open Source Security",
"score": "high"
},
{
"catId": "7",
"severities": {
"info": 6,
"low": 101,
"medium": 76,
"high": 6,
"critical": 0,
"appox": 0
},
"name": "SBOM",
"score": "high"
},
{
"catId": "8",
"severities": {
"info": 1,
"low": 1,
"medium": 0,
"high": 0,
"critical": 0,
"appox": 0
},
"name": "Infrastructure as Code Scan",
"score": "low"
},
{
"catId": "12",
"severities": {
"info": 14,
"low": 56,
"medium": 22,
"high": 16,
"critical": 2,
"appox": 0
},
"name": "Container Security",
"score": "critical"
}
],
"artifactCategories": [
{
"catId": "12",
"name": "Container Security",
"score": "critical"
}
],
"registryDescription": [
{
"type": "Google Artifact Registry",
"name": "juice-shop",
"project": "ox-test-playground/europe-west2",
"link": "https://console.cloud.google.com/artifacts/docker/ox-test-playground/europe-west2/juicehop/juice-shop",
"hash": "80af5bdbfa4b75f6527bb1da2fd2c2f2633126c701dadedd02b0fe72b4aacc06",
"tags": [
"v1"
],
"username": "Google Artifact Registry User",
"userType": null,
"uploadTime": 1730985852000,
"lastUpdate": 1730985852000,
"buildTime": 1730985852000
}
],
"cloudData": [],
"totalIssuesBySeverity": {
"info": 5,
"low": 20,
"medium": 10,
"high": 7,
"critical": 1,
"appox": 0
},
"packages": null
},
{
"vulnDepIssues": null,
"vulnDepBaseIssues": null,
"vulnDepInstructionIssues": null,
"secretIssues": null,
"id": "bce14f4794fcf6427a11cbade2fa64ff6e1e5cb18c01b030cf7f9147369d0816_juiceshop_794094176",
"appDescription": {
"appName": "OX-Security-Demo/juice-shop",
"appType": "GitHub",
"appId": "794094176",
"businessPriority": 99
},
"artifactInfo": {
"type": "Container",
"name": "juiceshop",
"version": "latest",
"hash": "bce14f4794fcf6427a11cbade2fa64ff6e1e5cb18c01b030cf7f9147369d0816",
"artifactIntegrity": "N/A",
"registry": "203043666164.dkr.ecr.eu-west-1.amazonaws.com"
},
"categories": [
{
"catId": "3",
"severities": {
"info": 0,
"low": 0,
"medium": 1,
"high": 1,
"critical": 0,
"appox": 0
},
"name": "Git Posture",
"score": "high"
},
{
"catId": "4",
"severities": {
"info": 4,
"low": 19,
"medium": 4,
"high": 5,
"critical": 1,
"appox": 0
},
"name": "Code Security",
"score": "critical"
},
{
"catId": "5",
"severities": {
"info": 0,
"low": 0,
"medium": 4,
"high": 7,
"critical": 1,
"appox": 0
},
"name": "Secret/PII Scan",
"score": "critical"
},
{
"catId": "6",
"severities": {
"info": 10,
"low": 9,
"medium": 5,
"high": 2,
"critical": 0,
"appox": 0
},
"name": "Open Source Security",
"score": "high"
},
{
"catId": "7",
"severities": {
"info": 6,
"low": 101,
"medium": 76,
"high": 6,
"critical": 0,
"appox": 0
},
"name": "SBOM",
"score": "high"
},
{
"catId": "8",
"severities": {
"info": 1,
"low": 1,
"medium": 0,
"high": 0,
"critical": 0,
"appox": 0
},
"name": "Infrastructure as Code Scan",
"score": "low"
},
{
"catId": "12",
"severities": {
"info": 14,
"low": 56,
"medium": 22,
"high": 16,
"critical": 2,
"appox": 0
},
"name": "Container Security",
"score": "critical"
}
],
"artifactCategories": [
{
"catId": "12",
"name": "Container Security",
"score": "critical"
}
],
"registryDescription": [
{
"type": "Amazon ECR",
"name": "203043666164.dkr.ecr.eu-west-1.amazonaws.com/juiceshop",
"project": "203043666164.dkr.ecr.eu-west-1.amazonaws.com",
"link": "https://eu-west-1.console.aws.amazon.com/ecr/repositories/private/203043666164/juiceshop/_/image/sha256:bce14f4794fcf6427a11cbade2fa64ff6e1e5cb18c01b030cf7f9147369d0816/details/?region=eu-west-1",
"hash": "bce14f4794fcf6427a11cbade2fa64ff6e1e5cb18c01b030cf7f9147369d0816",
"tags": [
"latest"
],
"username": "Amazon ECR User",
"userType": null,
"uploadTime": 1721718400000,
"lastUpdate": 1721718400000,
"buildTime": 1721718400000
}
],
"cloudData": [
{
"cloudIdentifier": "EKS",
"link": "https://eu-west-1.console.aws.amazon.com/eks/home?region=eu-west-1#/clusters/oc-demo-cluster/deployments/juiceshop?namespace=default",
"lastExecutionTime": 1734873331046,
"lastModifiedTime": null,
"account": null,
"zone": null,
"cluster": "oc-demo-cluster",
"cloudDescription": {
"type": "AWS",
"subType": "EKS",
"cloudEntityAttributes": null
}
}
],
"totalIssuesBySeverity": {
"info": 9,
"low": 36,
"medium": 12,
"high": 9,
"critical": 1,
"appox": 0
},
"packages": null
},
{
"vulnDepIssues": null,
"vulnDepBaseIssues": null,
"vulnDepInstructionIssues": null,
"secretIssues": null,
"id": "d0ca170aff7a13f0fc45e743ccbce035f350d06b4183723885791ef148dfd8e6_bank-backend_585303099",
"appDescription": {
"appName": "OX-Security-Demo/Bank-Website-Backend",
"appType": "GitHub",
"appId": "585303099",
"businessPriority": 92.5
},
"artifactInfo": {
"type": "Container",
"name": "bank-backend",
"version": "v1",
"hash": "d0ca170aff7a13f0fc45e743ccbce035f350d06b4183723885791ef148dfd8e6",
"artifactIntegrity": "N/A",
"registry": "203043666164.dkr.ecr.eu-west-1.amazonaws.com"
},
"categories": [
{
"catId": "3",
"severities": {
"info": 6,
"low": 0,
"medium": 1,
"high": 2,
"critical": 0,
"appox": 0
},
"name": "Git Posture",
"score": "high"
},
{
"catId": "4",
"severities": {
"info": 1,
"low": 3,
"medium": 2,
"high": 1,
"critical": 0,
"appox": 0
},
"name": "Code Security",
"score": "high"
},
{
"catId": "5",
"severities": {
"info": 4,
"low": 0,
"medium": 4,
"high": 5,
"critical": 0,
"appox": 0
},
"name": "Secret/PII Scan",
"score": "high"
},
{
"catId": "6",
"severities": {
"info": 3,
"low": 3,
"medium": 4,
"high": 7,
"critical": 1,
"appox": 0
},
"name": "Open Source Security",
"score": "critical"
},
{
"catId": "7",
"severities": {
"info": 0,
"low": 0,
"medium": 2,
"high": 2,
"critical": 0,
"appox": 0
},
"name": "SBOM",
"score": "high"
},
{
"catId": "8",
"severities": {
"info": 1,
"low": 1,
"medium": 0,
"high": 0,
"critical": 0,
"appox": 0
},
"name": "Infrastructure as Code Scan",
"score": "low"
},
{
"catId": "12",
"severities": {
"info": 6,
"low": 14,
"medium": 24,
"high": 25,
"critical": 0,
"appox": 1
},
"name": "Container Security",
"score": "appox"
},
{
"catId": "15",
"severities": {
"info": 0,
"low": 1,
"medium": 0,
"high": 0,
"critical": 0,
"appox": 0
},
"name": "Cloud Context",
"score": "low"
},
{
"catId": "25",
"severities": {
"info": 0,
"low": 0,
"medium": 3,
"high": 0,
"critical": 1,
"appox": 0
},
"name": "CI/CD Posture",
"score": "critical"
}
],
"artifactCategories": [
{
"catId": "12",
"name": "Container Security",
"score": "high"
}
],
"registryDescription": [
{
"type": "Amazon ECR",
"name": "203043666164.dkr.ecr.eu-west-1.amazonaws.com/bank-backend",
"project": "203043666164.dkr.ecr.eu-west-1.amazonaws.com",
"link": "https://eu-west-1.console.aws.amazon.com/ecr/repositories/private/203043666164/bank-backend/_/image/sha256:d0ca170aff7a13f0fc45e743ccbce035f350d06b4183723885791ef148dfd8e6/details/?region=eu-west-1",
"hash": "d0ca170aff7a13f0fc45e743ccbce035f350d06b4183723885791ef148dfd8e6",
"tags": [
"v1"
],
"username": "Amazon ECR User",
"userType": null,
"uploadTime": 1690882384000,
"lastUpdate": 1690882384000,
"buildTime": 1690882384000
}
],
"cloudData": [
{
"cloudIdentifier": "EKS",
"link": "https://eu-west-1.console.aws.amazon.com/eks/home?region=eu-west-1#/clusters/oc-demo-cluster/cronjobs/never-run-cronjob?namespace=default",
"lastExecutionTime": 1734873331045,
"lastModifiedTime": null,
"account": null,
"zone": null,
"cluster": "oc-demo-cluster",
"cloudDescription": {
"type": "AWS",
"subType": "EKS",
"cloudEntityAttributes": null
}
}
],
"totalIssuesBySeverity": {
"info": 3,
"low": 6,
"medium": 11,
"high": 9,
"critical": 0,
"appox": 0
},
"packages": null
}
],
"offset": 100,
"total": 5,
"totalFilteredArtifacts": 5
}
}
}