For accessing the API, use a Basic access authentication (the security will be improved later). You need to send the login and password, separated by a single colon (":") character, within a base64 encoded string in the credentials.
The following syntax must be used in the 'Authorization' header :
Basic dXNlcm5hbWVAY29tcGFueS5jb206cGFzc3dvcmQ=
Highlight REST API
API and SDK Documentation
Version: 5.1.34-RELEASE
Highlight REST API documentation.
Security
Alert
Get applications triggered an alert filtred by health factor, domains, technologies and campaigns
According to user's permission, returns top 20 alerts by domain filtred by domains, technologies and campaigns
/domains/{domainId}/alerts/applications
Usage Samples
curl -X post -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/alerts/applications"Parameters
Header parameters
| Name | Description |
|---|
Path parameters
| Name | Description |
|---|---|
| domainId* |
Body parameters
| Name | Description |
|---|---|
| body * |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 500 - Internal server error
Get top 20 alerts by domain
According to user's permission, returns top 20 alerts by domain
/domains/{domainId}/alerts
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/alerts"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 500 - Internal server error
Get top 20 alerts by domain filtred
According to user's permission, returns top 20 alerts by domain filtred by domains, technologies and campaigns
/domains/{domainId}/alerts
Usage Samples
curl -X post -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/alerts"Parameters
Header parameters
| Name | Description |
|---|
Path parameters
| Name | Description |
|---|---|
| domainId* |
Body parameters
| Name | Description |
|---|---|
| body * |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 500 - Internal server error
Applications
Add a tag to an application
According to user's permission, Add a tag to an application
/domains/{domainId}/applications/{applicationId}/tags/{tagId}
Usage Samples
curl -X post -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/tags/{tagId}"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* | |
| tagId* |
Responses
Status: 204 - Successful operation
Status: 403 - Access forbidden
Status: 404 - Application not found
Status: 500 - Internal server error
Create or update applications
According to user's permission, create or update applications. To identify a contributor or a domain, you can use either the id or the client reference
/domains/{domainId}/applications
Usage Samples
curl -X post -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications"Parameters
Header parameters
| Name | Description |
|---|---|
| Content-Type | application/json |
Path parameters
| Name | Description |
|---|---|
| domainId* |
Body parameters
| Name | Description |
|---|---|
| body * |
Responses
Status: 200 - successful operation
Status: 400 - Bad request
Status: 403 - Access forbidden
Status: 500 - Internal server error
Delete application
According to user's permission, delete an application.
/domains/{domainId}/applications/{applicationId}
Usage Samples
curl -X delete -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* |
Responses
Status: 400 - Bad request
Status: 403 - Access forbidden
Status: 500 - Internal server error
Remove a tag from an application
According to user's permission, Remove a tag from an application
/domains/{domainId}/applications/{applicationId}/tags/{tagId}
Usage Samples
curl -X delete -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/tags/{tagId}"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* | |
| tagId* |
Responses
Status: 204 - Successful operation
Status: 403 - Access forbidden
Status: 404 - Application not found
Status: 500 - Internal server error
Get cves aggregation by application
According to user's permission, returns cves aggregation by application
/domains/{domainId}/applications/vulnerabilities/aggregated
Usage Samples
curl -X post -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/vulnerabilities/aggregated"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 406 - Accept-headers is not valid
Status: 500 - Internal server error
Get application
According to user's permission, returns application details
/domains/{domainId}/applications/{applicationId}
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}?expand="Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* |
Query parameters
| Name | Description |
|---|---|
| expand |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 404 - Application not found
Status: 500 - Internal server error
Get application result for application
According to user's permission, returns application result details
/domains/{domainId}/applications/{applicationId}/results/{resultId}
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results/{resultId}"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* | |
| resultId* |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 500 - Internal server error
Get application thirdparties
According to user's permission, returns application thirdparties
/domains/{domainId}/applications/{applicationId}/thirdparty
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/thirdparty"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 404 - Application not found
Status: 500 - Internal server error
Get all applications by domain
According to user's permission, returns all applications details for a domain
/domains/{domainId}/applications
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications?expand="Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* |
Query parameters
| Name | Description |
|---|---|
| expand |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 500 - Internal server error
Get cloud recommendation by application
According to user's permission, returns get cloud recommendation by application
/domains/{domainId}/applications/{applicationId}/recommendation
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/recommendation"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 406 - Accept-headers is not valid
Status: 500 - Internal server error
Get cves aggregation with trends by application
According to user's permission, returns cves aggregation with trends by application
/domains/{domainId}/applications/{applicationId}/vulnerabilities/aggregated
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/vulnerabilities/aggregated"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 406 - Accept-headers is not valid
Status: 500 - Internal server error
Get last top risk for application
According to user's permission, returns application last top risk
/domains/{domainId}/applications/{applicationId}/alerts
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/alerts"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* |
Header parameters
| Name | Description |
|---|---|
| Accept-Language |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 406 - Accept-headers is not valid
Status: 500 - Internal server error
Get application results for application
According to user's permission, returns all results for application.
/domains/{domainId}/applications/{applicationId}/results
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 500 - Internal server error
Get tags for an application
According to user's permission, Get tags for an application
/domains/{domainId}/applications/{applicationId}/tags
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/tags"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* |
Responses
Status: 200 - Successful operation
Status: 403 - Access forbidden
Status: 404 - Application not found
Status: 500 - Internal server error
Answer survey for application on result
According to user's permission, Set or update answers for a specific application & survey on existing result
/domains/{domainId}/applications/{applicationId}/results/{resultId}/surveys/{surveyId}
Usage Samples
curl -X post -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results/{resultId}/surveys/{surveyId}"Parameters
Header parameters
| Name | Description |
|---|---|
| Content-Type | application/json |
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* | |
| surveyId* | |
| resultId* |
Body parameters
| Name | Description |
|---|---|
| body * |
Responses
Status: 200 - successful operation
Status: 400 - Bad request
Status: 403 - Access forbidden
Status: 404 - Results not found
Status: 500 - Internal server error
Answer survey for application on campaign
According to user's permission, Set or update answers for a specific application & survey on existing campaign result
/domains/{domainId}/applications/{applicationId}/campaigns/{campaignId}/surveys/{surveyId}
Usage Samples
curl -X post -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/campaigns/{campaignId}/surveys/{surveyId}"Parameters
Header parameters
| Name | Description |
|---|---|
| Content-Type | application/json |
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* | |
| surveyId* | |
| campaignId* |
Body parameters
| Name | Description |
|---|---|
| body * |
Responses
Status: 200 - successful operation
Status: 400 - Bad request
Status: 403 - Access forbidden
Status: 404 - Results not found
Status: 500 - Internal server error
Submit result for application
Result might contains survey and/or scans. Submit will launch compute process and will make the result visible on the portal
/domains/{domainId}/applications/{applicationId}/results/{resultId}/submit
Usage Samples
curl -X post -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results/{resultId}/submit"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* | |
| resultId* |
Responses
Status: 400 - Bad request
Status: 403 - Access forbidden
Status: 404 - Results not found
Status: 500 - Internal server error
Submit result for application
Result might contains survey and/or scans. Submit will launch compute process and will make the result visible on the portal
/domains/{domainId}/applications/{applicationId}/campaigns/{campaignId}/submit
Usage Samples
curl -X post -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/campaigns/{campaignId}/submit"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* | |
| campaignId* |
Responses
Status: 400 - Bad request
Status: 403 - Access forbidden
Status: 404 - Results not found
Status: 500 - Internal server error
Update application
According to user's permission, update application. To identify a contributor or a domain, you can use either the id or the client reference
/domains/{domainId}/applications/{applicationId}
Usage Samples
curl -X post -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}"Parameters
Header parameters
| Name | Description |
|---|---|
| Content-Type | application/json |
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* |
Body parameters
| Name | Description |
|---|---|
| body * |
Responses
Status: 200 - successful operation
Status: 400 - Bad request
Status: 403 - Access forbidden
Status: 500 - Internal server error
Update information for one application result
According to user's permission, edit some attribute on application result
/domains/{domainId}/applications/{applicationId}/results/{resultId}
Usage Samples
curl -X put -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results/{resultId}"Parameters
Header parameters
| Name | Description |
|---|
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| applicationId* | |
| resultId* |
Body parameters
| Name | Description |
|---|---|
| body * |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 500 - Internal server error
AuthToken
/authtoken
Usage Samples
curl -X get "/authtoken"Parameters
Responses
Status: 200 - successful operation
Benchmark
Get benchmark metrics
return benchmark metrics computed on all applications
/benchmark
Usage Samples
curl -X get -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/benchmark"Parameters
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 500 - Internal server error
Get benchmark alerts
return benchmark alerts on all applications and technologies
/benchmark/alerts
Usage Samples
curl -X get -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/benchmark/alerts"Parameters
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 500 - Internal server error
Get benchmark alerts
return benchmark alerts on all applications and technologies
/benchmark/alerts
Usage Samples
curl -X post -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/benchmark/alerts"Parameters
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 500 - Internal server error
Campaigns
Create or update campaigns
According to user's permission, create or update campaigns. To identify an application, you can use either the id or the client reference
/domains/{domainId}/campaigns
Usage Samples
curl -X post -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/campaigns"Parameters
Header parameters
| Name | Description |
|---|---|
| Content-Type | application/json |
Path parameters
| Name | Description |
|---|---|
| domainId* |
Body parameters
| Name | Description |
|---|---|
| body * |
Responses
Status: 200 - successful operation
Status: 400 - Bad request
Status: 403 - Access forbidden
Status: 500 - Internal server error
Get campaign
According to user's permission, return campaign detail
/domains/{domainId}/campaigns/{campaignId}
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/campaigns/{campaignId}"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* | |
| campaignId* |
Responses
Status: 200 - successful operation
Status: 400 - Bad request
Status: 403 - Access forbidden
Status: 500 - Internal server error
Get campaigns
According to user's permission, return list campaign detail by domain
/domains/{domainId}/campaigns
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/campaigns"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* |
Responses
Status: 200 - successful operation
Status: 400 - Bad request
Status: 403 - Access forbidden
Status: 500 - Internal server error
Companies
Create company by a partner
According to user's permission, create company for partner.
/partner/company
Usage Samples
curl -X post "/partner/company"Parameters
Responses
Status: 200 - successful operation
Create or update partner
According to user's permission, create or update partner. Identifier is email
/partner
Usage Samples
curl -X post "/partner"Parameters
Responses
Status: 200 - successful operation
Delete partner
According to user's permission, delete partner.
/partner/{id}
Usage Samples
curl -X delete "/partner/{id}"Parameters
Path parameters
| Name | Description |
|---|---|
| id* |
Responses
Status: default - successful operation
Delete partner company
According to user's permission, delete partner company.
/partner/company/{id}
Usage Samples
curl -X delete "/partner/company/{id}"Parameters
Path parameters
| Name | Description |
|---|---|
| id* |
Responses
Status: default - successful operation
Get Company
According to user's permission, return company details
/companies
Usage Samples
curl -X get -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/companies"Parameters
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 404 - Domain not found
Status: 500 - Internal server error
Get Company
According to user's permission, return company details
/companies/{companyId}
Usage Samples
curl -X get -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/companies/{companyId}"Parameters
Path parameters
| Name | Description |
|---|---|
| companyId* |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 404 - Domain not found
Status: 500 - Internal server error
Get Partner
According to user's permission, return partner
/partner/{id}
Usage Samples
curl -X get "/partner/{id}"Parameters
Path parameters
| Name | Description |
|---|---|
| id* |
Responses
Status: 200 - successful operation
Create company by a partner
According to user's permission, create company for partner.
/partner/company
Usage Samples
curl -X get "/partner/company"Parameters
Responses
Status: 200 - successful operation
Get partner company
According to user's permission, get company information.
/partner/company/{id}
Usage Samples
curl -X get "/partner/company/{id}"Parameters
Path parameters
| Name | Description |
|---|---|
| id* |
Responses
Status: 200 - successful operation
Get Partner
According to user's permission, return partner
/partner/new
Usage Samples
curl -X get "/partner/new"Parameters
Responses
Status: 200 - successful operation
Create company by a partner
According to user's permission, create company for partner.
/partner/company/new
Usage Samples
curl -X get "/partner/company/new"Parameters
Responses
Status: 200 - successful operation
Get Partners
According to user's permission, return partners
/partner
Usage Samples
curl -X get "/partner"Parameters
Responses
Status: 200 - successful operation
/partner/report
Usage Samples
curl -X get "/partner/report"Parameters
Responses
Status: default - successful operation
/partner/report/{id}
Usage Samples
curl -X get "/partner/report/{id}"Parameters
Path parameters
| Name | Description |
|---|---|
| id* |
Responses
Status: default - successful operation
Create company by a partner
According to user's permission, create company for partner.
/partner/company/{id}
Usage Samples
curl -X put "/partner/company/{id}"Parameters
Path parameters
| Name | Description |
|---|---|
| id* |
Responses
Status: 200 - successful operation
Update partner
According to user's permission, create or update partner. Identifier is email
/partner/{id}
Usage Samples
curl -X put "/partner/{id}"Parameters
Path parameters
| Name | Description |
|---|---|
| id* |
Responses
Status: 200 - successful operation
Components
Get components catalog
According to user's permission, returns components catalog with blacklist/whitelist classification definition
/domains/{domainId}/componentCatalog
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/componentCatalog"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* |
Responses
Status: 200 - body
Status: 403 - Access forbidden
Status: 404 - Application not found
Status: 500 - Internal server error
Get components for domain
According to user's permission, returns components in domain with usage.
/domains/{domainId}/thirdparty
Usage Samples
curl -X get -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/thirdparty"Parameters
Path parameters
| Name | Description |
|---|---|
| domainId* |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 404 - Application not found
Status: 500 - Internal server error
Get components usage in domain
According to user's permission, returns components with version and application using them.
Use body on post to send the list of component
/domains/{domainId}/thirdpartyUsage
Usage Samples
curl -X post -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/thirdpartyUsage"Parameters
Header parameters
| Name | Description |
|---|---|
| Content-Type | application/json |
Path parameters
| Name | Description |
|---|---|
| domainId* |
Body parameters
| Name | Description |
|---|---|
| body * |
Responses
Status: 200 - successful operation
Status: 403 - Access forbidden
Status: 500 - Internal server error
CustomDashboard
Save or update custom dashboard
According to user's permission, returns save or update custom dashboard
/domains/{domainId}/customdashboard
Usage Samples
curl -X post -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/customdashboard"Parameters
Header parameters
| Name | Description |
|---|
Path parameters
| Name | Description |
|---|---|
| domainId* |
Body parameters
| Name | Description |
|---|---|
| body * |