Highlight REST API

Security

The API uses Basic access authentication (the security will be improved later). Send the login and password, separated by a single colon (":") character, as a base64-encoded string in the credentials.
The 'Authorization' header must use the following syntax:
Basic dXNlcm5hbWVAY29tcGFueS5jb206cGFzc3dvcmQ=
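
Base64 is an encoding, not encryption, so the header value above is equivalent to the cleartext login and password and should be protected as such. The shell functions below are an added example, not part of the original API documentation: they build the header, decode it again (including a password that contains a colon), and emit a curl config line so the credential stays out of the command line. The function names and the environment variables in the usage comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: helper names are illustrative, not part of the Highlight API.

# Build the Authorization header value for a login/password pair.
# The first ':' separates login from password, so a login containing ':'
# cannot be represented and is rejected; a password may contain ':'.
basic_auth_header() (
    login=$1
    password=$2
    case $login in
        *:*) echo "login must not contain ':'" >&2; exit 1 ;;
    esac
    # tr removes the line wrapping that base64 adds to long output.
    token=$(printf '%s:%s' "$login" "$password" | base64 | tr -d '\n')
    printf 'Basic %s' "$token"
)

# Recover login and password from a header value, splitting at the FIRST ':'.
# Shows that anyone who can read the header can read the credentials.
decode_basic_auth() (
    case $1 in
        'Basic '*) token=${1#"Basic "} ;;
        *) echo "not a Basic credential" >&2; exit 1 ;;
    esac
    pair=$(printf '%s' "$token" | base64 -d 2>/dev/null) || exit 1
    case $pair in
        *:*) printf 'login=%s\npassword=%s\n' "${pair%%:*}" "${pair#*:}" ;;
        *) echo "no ':' separator in decoded credentials" >&2; exit 1 ;;
    esac
)

# Emit a curl config line carrying the header, to be piped into `curl -K -`
# so the credential does not appear in the process list or shell history.
curl_auth_config() (
    header=$(basic_auth_header "$1" "$2") || exit 1
    printf 'header = "Authorization: %s"\n' "$header"
)

# Usage (HIGHLIGHT_URL, HL_LOGIN and HL_PASSWORD are assumed variables; the
# base URL must be https:// because the header is reversible):
#   curl_auth_config "$HL_LOGIN" "$HL_PASSWORD" |
#       curl -K - -H "Accept: application/json" "$HIGHLIGHT_URL/benchmark"
```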

Administration

Company Information

According to user's permission, return your company details


/companies/{companyId}

Usage Samples

curl -X GET -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/companies/{companyId}"

Parameters

Path parameters
Name Description
companyId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 404 - Domain not found

Status: 500 - Internal server error


Audit Log

According to user's permission, return company audit log


/companies/{companyId}/audit

Usage Samples

curl -X GET -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/companies/{companyId}/audit"

Parameters

Path parameters
Name Description
companyId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 404 - Domain not found

Status: 500 - Internal server error


Alert

Get applications that triggered an alert, filtered by health factor, domains, technologies and campaigns

According to user's permission, returns top 20 alerts by domain filtered by domains, technologies and campaigns


/domains/{domainId}/alerts/applications

Usage Samples

curl -X POST -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/alerts/applications"

Parameters

Header parameters
Name Description
Path parameters
Name Description
domainId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get top 20 alerts by domain

According to user's permission, returns top 20 alerts by domain


/domains/{domainId}/alerts

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/alerts"

Parameters

Path parameters
Name Description
domainId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get top 20 alerts by domain filtered

According to user's permission, returns top 20 alerts by domain filtered by domains, technologies and campaigns


/domains/{domainId}/alerts

Usage Samples

curl -X POST -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/alerts"

Parameters

Header parameters
Name Description
Path parameters
Name Description
domainId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Applications

Add a tag to an application

According to user's permission, Add a tag to an application


/domains/{domainId}/applications/{applicationId}/tags/{tagId}

Usage Samples

curl -X POST -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/tags/{tagId}"

Parameters

Path parameters
Name Description
domainId*
applicationId*
tagId*

Responses

Status: 204 - Successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Create or update applications

According to user's permission, create or update applications. To identify a contributor or a domain, you can use either the id or the client reference


/domains/{domainId}/applications

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications"

Parameters

Header parameters
Name Description
Content-Type application/json
Path parameters
Name Description
domainId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 500 - Internal server error


Delete application

According to user's permission, delete an application.


/domains/{domainId}/applications/{applicationId}

Usage Samples

curl -X DELETE -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 500 - Internal server error


Exclude CVE for an application

According to user's permission, exclude CVE for an application


/domains/{domainId}/applications/{applicationId}/vulnerabilities/exclude

Usage Samples

curl -X DELETE -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/vulnerabilities/exclude"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 403 - Access forbidden

Status: 406 - Accept-headers is not valid

Status: 500 - Internal server error


Remove a tag from an application

According to user's permission, Remove a tag from an application


/domains/{domainId}/applications/{applicationId}/tags/{tagId}

Usage Samples

curl -X DELETE -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/tags/{tagId}"

Parameters

Path parameters
Name Description
domainId*
applicationId*
tagId*

Responses

Status: 204 - Successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Exclude CVE for an application

According to user's permission, exclude CVE for an application


/domains/{domainId}/applications/{applicationId}/vulnerabilities/exclude

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/vulnerabilities/exclude"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 403 - Access forbidden

Status: 406 - Accept-headers is not valid

Status: 500 - Internal server error


Get CVEs aggregation by application

According to user's permission, returns CVEs aggregation by application


/domains/{domainId}/applications/vulnerabilities/aggregated

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/vulnerabilities/aggregated"

Parameters

Path parameters
Name Description
domainId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 406 - Accept-headers is not valid

Status: 500 - Internal server error


Get application

According to user's permission, returns application details


/domains/{domainId}/applications/{applicationId}

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}?expand="

Parameters

Path parameters
Name Description
domainId*
applicationId*
Query parameters
Name Description
expand

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Get application result for application

According to user's permission, returns application result details


/domains/{domainId}/applications/{applicationId}/results/{resultId}

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results/{resultId}"

Parameters

Path parameters
Name Description
domainId*
applicationId*
resultId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get application thirdparties

According to user's permission, returns application thirdparties


/domains/{domainId}/applications/{applicationId}/thirdparty

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/thirdparty"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Get all applications by domain

According to user's permission, returns all applications details for a domain


/domains/{domainId}/applications

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications?expand="

Parameters

Path parameters
Name Description
domainId*
Query parameters
Name Description
expand

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get cloud recommendation by application

According to user's permission, returns the cloud recommendation by application


/domains/{domainId}/applications/{applicationId}/recommendation

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/recommendation"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 406 - Accept-headers is not valid

Status: 500 - Internal server error


Get CVEs aggregation with trends by application

According to user's permission, returns CVEs aggregation with trends by application


/domains/{domainId}/applications/{applicationId}/vulnerabilities/aggregated

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/vulnerabilities/aggregated"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 406 - Accept-headers is not valid

Status: 500 - Internal server error


Get excluded CVEs for an application

According to user's permission, get excluded CVEs for an application


/domains/{domainId}/applications/{applicationId}/vulnerabilities/exclude

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/vulnerabilities/exclude"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Get last top risk for application

According to user's permission, returns application last top risk


/domains/{domainId}/applications/{applicationId}/alerts

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/alerts"

Parameters

Path parameters
Name Description
domainId*
applicationId*
Header parameters
Name Description
Accept-Language

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 406 - Accept-headers is not valid

Status: 500 - Internal server error


Get application results for application

According to user's permission, returns all results for application.


/domains/{domainId}/applications/{applicationId}/results

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get tags for an application

According to user's permission, Get tags for an application


/domains/{domainId}/applications/{applicationId}/tags

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/tags"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 200 - Successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Set CVE view status

According to user's permission, set CVE view status


/domains/{domainId}/applications/{applicationId}/vulnerabilities/view

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/vulnerabilities/view"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 403 - Access forbidden

Status: 406 - Accept-headers is not valid

Status: 500 - Internal server error


Answer survey for application on result

According to user's permission, Set or update answers for a specific application & survey on existing result


/domains/{domainId}/applications/{applicationId}/results/{resultId}/surveys/{surveyId}

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results/{resultId}/surveys/{surveyId}"

Parameters

Header parameters
Name Description
Content-Type application/json
Path parameters
Name Description
domainId*
applicationId*
surveyId*
resultId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 404 - Results not found

Status: 500 - Internal server error


Answer survey for application on campaign

According to user's permission, Set or update answers for a specific application & survey on existing campaign result


/domains/{domainId}/applications/{applicationId}/campaigns/{campaignId}/surveys/{surveyId}

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/campaigns/{campaignId}/surveys/{surveyId}"

Parameters

Header parameters
Name Description
Content-Type application/json
Path parameters
Name Description
domainId*
applicationId*
surveyId*
campaignId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 404 - Results not found

Status: 500 - Internal server error


Submit result for application

The result might contain surveys and/or scans. Submitting launches the compute process and makes the result visible on the portal.


/domains/{domainId}/applications/{applicationId}/results/{resultId}/submit

Usage Samples

curl -X POST -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results/{resultId}/submit"

Parameters

Path parameters
Name Description
domainId*
applicationId*
resultId*

Responses

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 404 - Results not found

Status: 500 - Internal server error


Submit result for application

The result might contain surveys and/or scans. Submitting launches the compute process and makes the result visible on the portal.


/domains/{domainId}/applications/{applicationId}/campaigns/{campaignId}/submit

Usage Samples

curl -X POST -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/campaigns/{campaignId}/submit"

Parameters

Path parameters
Name Description
domainId*
applicationId*
campaignId*

Responses

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 404 - Results not found

Status: 500 - Internal server error


Update application

According to user's permission, update application. To identify a contributor or a domain, you can use either the id or the client reference


/domains/{domainId}/applications/{applicationId}

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}"

Parameters

Header parameters
Name Description
Content-Type application/json
Path parameters
Name Description
domainId*
applicationId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 500 - Internal server error


Update information for one application result

According to user's permission, edit some attributes of an application result


/domains/{domainId}/applications/{applicationId}/results/{resultId}

Usage Samples

curl -X PUT -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results/{resultId}"

Parameters

Header parameters
Name Description
Path parameters
Name Description
domainId*
applicationId*
resultId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Benchmark

Get benchmark metrics

Returns benchmark metrics computed on all applications


/benchmark

Usage Samples

curl -X GET -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/benchmark"

Parameters

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get benchmark alerts

Returns benchmark alerts on all applications and technologies


/benchmark/alerts

Usage Samples

curl -X GET -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/benchmark/alerts"

Parameters

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get benchmark alerts

Returns benchmark alerts on all applications and technologies


/benchmark/alerts

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/benchmark/alerts"

Parameters

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Campaigns

Create or update campaigns

According to user's permission, create or update campaigns. To identify an application, you can use either the id or the client reference


/domains/{domainId}/campaigns

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/campaigns"

Parameters

Header parameters
Name Description
Content-Type application/json
Path parameters
Name Description
domainId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get campaign

According to user's permission, return campaign detail


/domains/{domainId}/campaigns/{campaignId}

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/campaigns/{campaignId}"

Parameters

Path parameters
Name Description
domainId*
campaignId*

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 500 - Internal server error



/domains/{domainId}/campaigns/applicationStatus

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/campaigns/applicationStatus"

Parameters

Path parameters
Name Description
domainId*

Responses

Status: 200 - successful operation


Get campaigns

According to user's permission, return the list of campaign details by domain


/domains/{domainId}/campaigns

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/campaigns"

Parameters

Path parameters
Name Description
domainId*

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 500 - Internal server error


Cloud

Get cloud data

According to user's permission, returns cloud data


/cloud/data/{domainId}

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/cloud/data/{domainId}?metricIds=&metricTagIds=&domainIds=&technologyIds=&campaignIds=&tagIds=&hasResult="

Parameters

Header parameters
Name Description
Path parameters
Name Description
domainId*
Body parameters
Name Description
body
Query parameters
Name Description
metricIds
metricTagIds
domainIds
technologyIds
campaignIds
tagIds
hasResult

Responses

Status: 200 - successful operation


Get cloud requirements

According to user's permission, returns cloud requirements


/cloud/requirements/{domainId}

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/cloud/requirements/{domainId}?metricIds=&metricTagIds=&domainIds=&technologyIds=&campaignIds=&tagIds=&hasResult="

Parameters

Header parameters
Name Description
Path parameters
Name Description
domainId*
Body parameters
Name Description
body
Query parameters
Name Description
metricIds
metricTagIds
domainIds
technologyIds
campaignIds
tagIds
hasResult

Responses

Status: 200 - successful operation


Components

Get components catalog

According to user's permission, returns components catalog with blacklist/whitelist classification definition


/domains/{domainId}/componentCatalog

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/componentCatalog"

Parameters

Path parameters
Name Description
domainId*

Responses

Status: 200 - body

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Get components for domain

According to user's permission, returns components in domain with usage.


/domains/{domainId}/thirdparty

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/thirdparty"

Parameters

Path parameters
Name Description
domainId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Get components usage in domain

According to user's permission, returns components with their versions and the applications using them.
Use the POST body to send the list of components.


/domains/{domainId}/thirdpartyUsage

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/thirdpartyUsage"

Parameters

Header parameters
Name Description
Content-Type application/json
Path parameters
Name Description
domainId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


CustomDashboard

Save or update custom dashboard

According to user's permission, save or update a custom dashboard


/domains/{domainId}/customdashboard

Usage Samples

curl -X POST -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/customdashboard"

Parameters

Header parameters
Name Description
Path parameters
Name Description
domainId*