API Documentation
Retrieves detailed information about a specific project, including branch scan statistics and values.
Retrieve project-related branch scan statistics and values. Must provide a valid branch name.
main
Project name to retrieve the specific project details. Must provide a valid project name.
example_project
Successful response
Error response
GET /api/project?key=text HTTP/1.1
Host: <baseURL>
Accept: */*
{
"settings": {
"analyse_settings": {
"excluded_paths": "text",
"sca": true,
"sast": true,
"license_detection": true,
"default_policy": "text"
},
"monitoring_settings": {
"post_scan_comment_sast_result": true,
"create_pr_sca_new_issues": true,
"create_pr_sca_backlog_issues": true,
"assign_pr_sca": true,
"assign_pr_sca_users": [
"text"
],
"push_event": true,
"pull_request_event": true,
"default_branch": "text",
"webhook": {
"active": true,
"id": "text",
"parameter": "text"
}
}
},
"integrations": {
"azure": {
"repoId": "text",
"account": "text",
"project": "text",
"policy_id": "text",
"type": "text",
"branch": "text",
"projectID": "text"
},
"github": {
"repoId": "text",
"account": "text",
"policy_id": "text",
"branch": "text",
"url": "text",
"type": "text"
},
"gitlab": {
"projectID": "text",
"account": "text",
"policy_id": "text",
"branch": "text",
"url": "text",
"type": "text"
},
"bitbucket": {
"account": "text",
"workspace": "text",
"repository": "text",
"projectKey": "text",
"policy_id": "text",
"branch": "text",
"type": "text"
},
"git": {
"url": "text",
"branch": "text",
"policy_id": "text"
}
},
"schemaVersion": "text",
"project_name": "text",
"description": "text",
"version": "text",
"languages": [
"text"
],
"created_at": "2025-10-27T11:55:31.650Z",
"tags": [
"text"
],
"total_loc": 1,
"total_files": 1,
"type": "text",
"owner": "text",
"team": [
"text"
],
"created_by": "text",
"scan_ids": [
"text"
],
"isActive": true,
"analytics": {
"compliances": {
"ANY_ADDITIONAL_PROPERTY": 1
},
"issueTrend": [
{
"id": "text",
"date": "2025-10-27T11:55:31.650Z",
"issues": {
"open": 1,
"closed": 1
}
}
],
"topIssueCategories": {
"ANY_ADDITIONAL_PROPERTY": 1
},
"_id": "text"
},
"state": "text",
"last_scan_time": 1,
"is_repository_accessible": true,
"sast_severities_count": {
"medium": 1,
"critical": 1,
"high": 1,
"low": 1
},
"sca_issues_count": {
"medium": 1,
"critical": 1,
"high": 1,
"low": 1
},
"licenses_count": {
"medium": 1,
"critical": 1,
"high": 1,
"low": 1
},
"default_branch": "text",
"branches": [
{
"branch_name": "text",
"scans": [
"text"
]
}
]
}
Retrieves a list of projects based on the provided parameters.
Page ID for pagination.
1
Page number for pagination.
1
Number of projects per page, with a maximum limit of 500.
50
Filter projects by name (alphanumeric, dash, underscore, and dot allowed).
example_project
Criteria to sort projects: by name, size (descending/ascending), or scan date (newest first).
name
Possible values:
Base64 encoded filter criteria for projects:
- type: upload, git, github, gitlab, azure, bitbucket, jenkins
- owner: Owner's username
- languages: ["java", "javascript", "csharp", ...]
- state: failure, run, stop, end
base64_encoded_string
Successful response
Error response
GET /api/projects HTTP/1.1
Host: <baseURL>
Accept: */*
[
{
"settings": {
"analyse_settings": {
"excluded_paths": "text",
"sca": true,
"sast": true,
"license_detection": true,
"default_policy": "text"
},
"monitoring_settings": {
"post_scan_comment_sast_result": true,
"create_pr_sca_new_issues": true,
"create_pr_sca_backlog_issues": true,
"assign_pr_sca": true,
"assign_pr_sca_users": [
"text"
],
"push_event": true,
"pull_request_event": true,
"default_branch": "text",
"webhook": {
"active": true,
"id": "text",
"parameter": "text"
}
}
},
"integrations": {
"azure": {
"repoId": "text",
"account": "text",
"project": "text",
"policy_id": "text",
"type": "text",
"branch": "text",
"projectID": "text"
},
"github": {
"repoId": "text",
"account": "text",
"policy_id": "text",
"branch": "text",
"url": "text",
"type": "text"
},
"gitlab": {
"projectID": "text",
"account": "text",
"policy_id": "text",
"branch": "text",
"url": "text",
"type": "text"
},
"bitbucket": {
"account": "text",
"workspace": "text",
"repository": "text",
"projectKey": "text",
"policy_id": "text",
"branch": "text",
"type": "text"
},
"git": {
"url": "text",
"branch": "text",
"policy_id": "text"
}
},
"schemaVersion": "text",
"project_name": "text",
"description": "text",
"version": "text",
"languages": [
"text"
],
"created_at": "2025-10-27T11:55:31.650Z",
"tags": [
"text"
],
"total_loc": 1,
"total_files": 1,
"type": "text",
"owner": "text",
"team": [
"text"
],
"created_by": "text",
"scan_ids": [
"text"
],
"isActive": true,
"analytics": {
"compliances": {
"ANY_ADDITIONAL_PROPERTY": 1
},
"issueTrend": [
{
"id": "text",
"date": "2025-10-27T11:55:31.650Z",
"issues": {
"open": 1,
"closed": 1
}
}
],
"topIssueCategories": {
"ANY_ADDITIONAL_PROPERTY": 1
},
"_id": "text"
},
"state": "text",
"last_scan_time": 1,
"last_scan_id": "text",
"is_repository_accessible": true,
"sast_issues_count": 1,
"sca_issues_count": 1,
"licenses_count": 1,
"default_branch": "text"
}
]
Retrieve the status and details of a scan using its ID.
URL path to provide the scan ID.
Success response with scan status details.
- Missing Query: <scanId> is required.
- Error occurred: Cannot get scan status.
Access denied
Scan Not Found
GET /api/scan/status/{scanId} HTTP/1.1
Host: <baseURL>
Accept: */*
{
"progress_data": {
"progress": 1,
"currentdir": "text",
"current_analysis": "text",
"current_weakness": "text"
},
"tags": {
"project_name": "text",
"starter": "text",
"filename": "text",
"policy_id": "text",
"branch": "text",
"commitId": "text",
"committer": "text",
"commitMessage": "text",
"policy_title": "text"
},
"schemaVersion": "text",
"id": "text",
"issues_new": 1,
"issues_fixed": 1,
"started_at": 1,
"ended_at": 1,
"state": "text",
"loc": 1,
"nfiles": 1,
"uid": "text",
"fixcosts": "text",
"trustlevels": "text",
"labels": {
"ANY_ADDITIONAL_PROPERTY": 1
},
"impacts": {
"ANY_ADDITIONAL_PROPERTY": 1
},
"rootcauses": {
"ANY_ADDITIONAL_PROPERTY": 1
},
"riskscore": 1,
"logs": [
{
"logType": "text",
"message": "text",
"create_date": "2025-10-27T11:55:31.650Z",
"update_date": "2025-10-27T11:55:31.650Z"
}
],
"licenses": {
"low": 1,
"high": 1,
"unknown": 1
},
"sca_severities": {
"high": 1,
"critical": 1,
"medium": 1
},
"sast_severities": {
"critical": 1,
"high": 1,
"medium": 1,
"low": 1
}
}
Retrieve issues related to a specific scan using its ID with optional filters.
Page ID for pagination (default: 50)
Page size for pagination
Successful response with scan issues details.
- Page size max limit cannot be more than 500.
- Filter search cannot contain symbols except alphanumeric, dash, underscore, and dot notations.
Access denied
POST /api/scanlog/issues HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 193
{
"filter": {
"status": [
"Open"
],
"projectName": "text",
"assignee": [
"text"
],
"severities": [
"critical"
],
"state": [
"Recurrent"
],
"issue_id": "text",
"scan_id": "text",
"platforms": [
"csharp"
],
"branch": "text"
}
}
{
"data": [
{
"issue_state": {
"status": {
"value": "text",
"description": "text"
},
"schemaVersion": "text",
"id": "text",
"project_name": "text",
"rule_id": "text",
"issue_id": "text",
"weakness_id": "text",
"scan_id": "text",
"ticket": {},
"tags": {},
"severity": "text",
"fixcost": "text",
"history": [
{
"type": "text",
"scan_id": "text",
"status": "text",
"date": 1
}
],
"relations": {
"scanBranches": [
{
"branch_name": "text",
"scans": [
"text"
]
}
]
}
},
"kb_fields": {
"impacts": [
"text"
],
"labels": [
"text"
],
"rootcauses": [
"text"
],
"standards": [
"text"
],
"references": [
"text"
],
"platformnotes": {
"ANY_ADDITIONAL_PROPERTY": {
"description": "text",
"mitigation": "text"
}
},
"summary": {
"ANY_ADDITIONAL_PROPERTY": "text"
},
"title": {
"ANY_ADDITIONAL_PROPERTY": "text"
},
"trustlevel": "text"
},
"flow_steps": [
{
"code_snippet": {
"text": "text",
"start_line": 1,
"end_line": 1
},
"document_name": "text",
"document_path": "text",
"project_name": "text",
"start_linenumber": 1,
"end_linenumber": 1,
"start_codespan": 1,
"end_codespan": 1,
"step_type": "text",
"step_text": "text",
"document_extension": "text"
}
],
"lang": "text"
}
],
"pagination": {
"page": 1,
"page_size": 1,
"total": 1
}
}
This endpoint adds a new organization to the application. It accepts the 'orgname' field in the request body. If no organization with this name exists, a new organization is created immediately.
The name of the organization to be added
Successful response
Error response
POST /api/organization/add HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 18
{
"orgname": "text"
}
{
"result": {
"message": "successful"
},
"error": false
}
Retrieves a list of organizations accessible to the user. Use the 'search' parameter in the query string to filter organizations by name.
Filter organizations by name (alphanumeric, dash, underscore, and dot allowed).
example_org
Successful response
["Organization1","Organization2"]
Error response
GET /api/organization/list HTTP/1.1
Host: <baseURL>
Accept: */*
[
"Organization1",
"Organization2"
]
Creates a new 'upload' type project that is ready for analysis when triggered at the scan/start endpoint.
The name of the project used in generation. Must be unique within the organization.
A brief summary of the project's purpose.
Tags to categorize and group the projects being maintained.
Successful response
Error response
POST /api/project/add HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 60
{
"project_name": "text",
"description": "text",
"tags": [
"text"
]
}
{
"result": {
"message": "successful"
},
"error": false
}
Only upload-type projects can be scanned. The related project must be created via the project/add endpoint before this request is sent with the corresponding project value.
Uploaded file object
Project under which the uploaded file will be analyzed
Branch under which the uploaded file will be analyzed
Scope under which the analysis should be processed
Scan started successfully
Bad Request
Forbidden
Not Found
POST /api/scan/start HTTP/1.1
Host: <baseURL>
Content-Type: application/x-www-form-urlencoded
Accept: */*
Content-Length: 71
"upfile='binary'&project='text'&branch='text'&policy_id='text'"{
"error": true,
"message": "text",
"scan_id": "text"
}
Stops an active scan immediately if the provided scan ID exists.
The ID of the scan to be stopped
Scan stopped successfully
- Missing body parameter: <scan_id>
- Error occurred while trying to stop scan
Access denied
Scan not found
POST /api/scan/stop HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 18
{
"scan_id": "text"
}
{
"result": {
"message": "successfull"
},
"error": false
}
Retrieves all policies created in the organization, including default bundled policies.
Filter policies by policy title
List of policies
- Search text cannot contain symbols except alphanumeric, dash, underscore, and dot notations
- Error occurred in policy list
Access denied
GET /api/policy/list HTTP/1.1
Host: <baseURL>
Accept: */*
[
{
"id": "text",
"description": "text",
"engine_settings": {
"maximum_execution_time_in_minutes": 1,
"maximum_method_call_depth": 1,
"enable_full_points_to_analysis": true,
"decompiled_code_scan_module": true,
"sast_module": true,
"sca_module": true
},
"fixcost": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"impacts": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"is_default": true,
"labels": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"platform": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"policy_title": "text",
"rootcauses": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"scan_type": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"schemaVersion": "text",
"severities": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"standards": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"trustlevel": {
"include": [
"text"
],
"exclude": [
"text"
]
}
}
]
Retrieve the policy identified by the given policy ID.
Filter policies by policy title
The requested policy
Error response
Access denied
Policy not found
GET /api/policy/{policyId} HTTP/1.1
Host: <baseURL>
Accept: */*
{
"id": "text",
"description": "text",
"engine_settings": {
"maximum_execution_time_in_minutes": 1,
"maximum_method_call_depth": 1,
"enable_full_points_to_analysis": true,
"decompiled_code_scan_module": true,
"sast_module": true,
"sca_module": true
},
"fixcost": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"impacts": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"is_default": true,
"labels": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"platform": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"policy_title": "text",
"rootcauses": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"scan_type": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"schemaVersion": "text",
"severities": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"standards": {
"include": [
"text"
],
"exclude": [
"text"
]
},
"trustlevel": {
"include": [
"text"
],
"exclude": [
"text"
]
}
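}
Create a git-connected project with the given parameters. The request body carries the repository username and password, so send it only over HTTPS and supply a read-only, least-privilege credential for the repository.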
Repository's default branch for standard analysis
Project's default policy for standard analysis
Unique project name within the organization
my-project
Tags to categorize and group the project
Successful response
Error response
Access denied
POST /api/integration/git/set HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 137
{
"branch": "text",
"git": {
"password": "text",
"url": "text",
"username": "text"
},
"policy_id": "text",
"project_name": "my-project",
"tags": [
"text"
]
}
{
"error": false,
"message": "Project created and scan started successfully.",
"scan_id": "scanId"
}
Create a GitHub-connected project with the given parameters.
GitHub repository name and id, concatenated into a single string.
repo_name:1234id
Repository visibility information (public or private)
Related repository owner's GitHub login
Default branch of the project for standard analysis.
main
Project's default policy for standard analysis
Tags to categorize and group projects
Successful response
Error response
Access denied
POST /api/integration/github/set HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 113
{
"repoId": "repo_name:1234id",
"type": "public",
"account": "text",
"branch": "main",
"policy_id": "text",
"tags": [
"text"
]
}
{
"error": false,
"message": "Project created but scan not started due to exceed weekly scan limitations.",
"scan_id": null
}
Create a GitLab-connected project with the given parameters.
GitLab repository name and id, concatenated into a single string.
repo_name:1234id
Default branch of the project for standard analysis.
main
Repository visibility information (public or private)
Related repository owner's GitLab login
Project's default policy for standard analysis
Tags to categorize and group projects
Successful response
Error response
Access denied
POST /api/integration/gitlab/set HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 113
{
"repoId": "repo_name:1234id",
"branch": "main",
"type": "public",
"account": "text",
"policy_id": "text",
"tags": [
"text"
]
}
{
"error": false,
"message": "Project created but scan not started due to exceed weekly scan limitations.",
"scan_id": null
}
Create an Azure-connected project with the given parameters.
Depends on the repository type: for a Git repository it is formatted as ${azureRepository.name}:${azureRepository.id}:${azureRepository.project.id}; for a TFVC project it is formatted as ${tfvcItem.name}:${azureRepository.id}.
repo_name:1234id:projId | item_name:item_id
Repository's source control type
Default branch of the project for standard analysis.
main
Related repository owner's Azure account
Project's default policy for standard analysis
Required only when importing a TFVC project.
Tags to categorize and group projects
Successful response
Error response
Access denied
POST /api/integration/azure/set HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 154
{
"repoId": "repo_name:1234id:projId | item_name:item_id",
"type": "TfsGit",
"branch": "main",
"account": "text",
"policy_id": "text",
"path": "text",
"tags": [
"text"
]
}
{
"error": false,
"message": "Project created but scan not started due to exceed weekly scan limitations.",
"scan_id": null
}
Create a Bitbucket-connected project with the given parameters.
If the connection is coming from a Bitbucket server, this should be true. If cloud, it should be false.
Bitbucket repository name.
my-repo
Repository view information.
public
Possible values:
Name for project generation in the application.
my-repo_my-repo
Used for connection URL generation.
PROJKEY
Depends on environment; if Bitbucket server, use bitbucketProject.name. If cloud, use bitbucketWorkspace.account
my-project
Default policy ID for standard analysis.
7xoPVRFf6l86
Default branch of the project for standard analysis.
main
Account's workspace information. Required if in a cloud environment.
my-workspace
Tags to categorize and group projects.
[tag1, tag2]
Successful response
Error response
POST /api/integration/bitbucket/set?server=true HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 210
{
"repository": "my-repo",
"type": "public",
"projectName": "my-repo_my-repo",
"projectKey": "PROJKEY",
"account": "my-project",
"policy_id": "7xoPVRFf6l86",
"branch": "main",
"workspace": "my-workspace",
"tags": "[tag1, tag2]"
}
{
"error": false,
"message": "Project created but scan not started due to exceeding weekly scan limitations.",
"scan_id": null
}
Trigger a scan for an existing Azure project with the provided parameters.
The project to be analyzed.
Optional branch parameter for analyzing a different branch. Defaults to the project's default branch if not provided.
Optional policy_id parameter for analyzing the project with a different policy scope. Defaults to the project's default policy_id if not provided.
Successful response
Error response
Access denied
POST /api/integration/azure/start HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 53
{
"project": "text",
"branch": "text",
"policy_id": "text"
}
{
"message": "Scan started successfully.",
"scan_id": "scan1234"
}
Trigger a scan for an existing Bitbucket project with the provided parameters.
The project to be analyzed.
Optional branch parameter for analyzing a different branch. Defaults to the project's default branch if not provided.
Optional policy_id parameter for analyzing the project with a different policy scope. Defaults to the project's default policy_id if not provided.
Successful response
Error response
Access denied
POST /api/integration/bitbucket/start HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 53
{
"project": "text",
"branch": "text",
"policy_id": "text"
}
{
"message": "Scan started successfully.",
"scan_id": "scan1234"
}
Trigger a scan for an existing Git project with the provided parameters.
The project to be analyzed.
Optional branch parameter for analyzing a different branch. Defaults to the project's default branch if not provided.
Optional policy_id parameter for analyzing the project with a different policy scope. Defaults to the project's default policy_id if not provided.
Successful response
Error response
Access denied
POST /api/integration/git/start HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 53
{
"project": "text",
"branch": "text",
"policy_id": "text"
}
{
"message": "Scan started successfully.",
"scan_id": "scan1234"
}
Trigger a scan for an existing GitHub project with the provided parameters.
The project to be analyzed.
Optional branch parameter for analyzing a different branch. Defaults to the project's default branch if not provided.
Optional policy_id parameter for analyzing the project with a different policy scope. Defaults to the project's default policy_id if not provided.
Successful response
Error response
Access denied
POST /api/integration/github/start HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 53
{
"project": "text",
"branch": "text",
"policy_id": "text"
}
{
"message": "Scan started successfully.",
"scan_id": "scan1234"
}
Trigger a scan for an existing GitLab project with the provided parameters.
The project to be analyzed.
Optional branch parameter for analyzing a different branch. Defaults to the project's default branch if not provided.
Optional policy_id parameter for analyzing the project with a different policy scope. Defaults to the project's default policy_id if not provided.
Successful response
Error response
Access denied
POST /api/integration/gitlab/start HTTP/1.1
Host: <baseURL>
Content-Type: application/json
Accept: */*
Content-Length: 58
{
"project_name": "text",
"branch": "text",
"policy_id": "text"
}
{
"message": "Scan started successfully.",
"scan_id": "scan1234"
}