Highlight REST API

Security

The API uses Basic access authentication (the security will be improved later). Send the login and password, separated by a single colon (":") character, as a base64-encoded string in the credentials.
Use the following syntax in the 'Authorization' header:
Basic dXNlcm5hbWVAY29tcGFueS5jb206cGFzc3dvcmQ=
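
The credential format above can be built and checked with the following added example, which is not part of the original API documentation. It shows that the header value decodes straight back to the login and password, which is why the helper refuses non-HTTPS base URLs. The function names and the `HIGHLIGHT_BASE_URL`, `HIGHLIGHT_LOGIN` and `HIGHLIGHT_PASSWORD` variables are hypothetical.

```bash
#!/usr/bin/env bash
# Added example; helper names and HIGHLIGHT_* variables are assumptions,
# not part of the documented API.

# Build the Authorization header value from a login and a password.
basic_auth_header() {
  local login="$1" password="$2"
  # The first colon separates login from password, so a colon inside the
  # login would move that boundary and change which account is presented.
  case $login in
    *:*) echo "login must not contain ':'" >&2; return 1 ;;
  esac
  # printf (not echo) so that no trailing newline is encoded into the value.
  printf 'Basic %s' "$(printf '%s:%s' "$login" "$password" | base64 | tr -d '\n')"
}

# Decode a header value back to "login:password". Base64 is an encoding, not
# encryption: anyone who can read the header can recover the password.
decode_basic_header() {
  local value="${1#Basic }"
  printf '%s' "$value" | base64 -d
}

# Refuse to attach credentials to anything but an https:// URL.
require_https() {
  case $1 in
    https://*) return 0 ;;
    *) echo "refusing to send Basic credentials to non-HTTPS URL: $1" >&2
       return 1 ;;
  esac
}

# Authenticated GET of an API path such as /domains/{domainId}/alerts.
highlight_get() {
  local path="$1" header
  require_https "$HIGHLIGHT_BASE_URL" || return 1
  header=$(basic_auth_header "$HIGHLIGHT_LOGIN" "$HIGHLIGHT_PASSWORD") || return 1
  # Headers are passed as curl config on stdin, so the credentials do not
  # show up in the process list or in shell history.
  curl --silent --fail --config - "$HIGHLIGHT_BASE_URL$path" <<EOF
header = "Accept: application/json"
header = "Authorization: $header"
EOF
}

# Decoding the sample value from this page prints: username@company.com:password
decode_basic_header "Basic dXNlcm5hbWVAY29tcGFueS5jb206cGFzc3dvcmQ="; echo
```
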

Alert

Get applications that triggered an alert, filtered by health factor, domains, technologies and campaigns

According to user's permission, returns top 20 alerts by domain, filtered by domains, technologies and campaigns


/domains/{domainId}/alerts/applications

Usage Samples

curl -X POST -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/alerts/applications"

Parameters

Header parameters
Name Description
Path parameters
Name Description
domainId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get top 20 alerts by domain

According to user's permission, returns top 20 alerts by domain


/domains/{domainId}/alerts

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/alerts"

Parameters

Path parameters
Name Description
domainId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get top 20 alerts by domain, filtered

According to user's permission, returns top 20 alerts by domain, filtered by domains, technologies and campaigns


/domains/{domainId}/alerts

Usage Samples

curl -X POST -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/alerts"

Parameters

Header parameters
Name Description
Path parameters
Name Description
domainId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Applications

Add a tag to an application

According to user's permission, add a tag to an application


/domains/{domainId}/applications/{applicationId}/tags/{tagId}

Usage Samples

curl -X POST -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/tags/{tagId}"

Parameters

Path parameters
Name Description
domainId*
applicationId*
tagId*

Responses

Status: 204 - Successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Create or update applications

According to user's permission, create or update applications. To identify a contributor or a domain, you can use either the id or the client reference


/domains/{domainId}/applications

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications"

Parameters

Header parameters
Name Description
Content-Type application/json
Path parameters
Name Description
domainId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 500 - Internal server error


Delete application

According to user's permission, delete an application.


/domains/{domainId}/applications/{applicationId}

Usage Samples

curl -X DELETE -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 500 - Internal server error


Remove a tag from an application

According to user's permission, remove a tag from an application


/domains/{domainId}/applications/{applicationId}/tags/{tagId}

Usage Samples

curl -X DELETE -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/tags/{tagId}"

Parameters

Path parameters
Name Description
domainId*
applicationId*
tagId*

Responses

Status: 204 - Successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Get CVE aggregation by application

According to user's permission, returns CVE aggregation by application


/domains/{domainId}/applications/vulnerabilities/aggregated

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/vulnerabilities/aggregated"

Parameters

Path parameters
Name Description
domainId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 406 - Accept-headers is not valid

Status: 500 - Internal server error


Get application

According to user's permission, returns application details


/domains/{domainId}/applications/{applicationId}

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}?expand="

Parameters

Path parameters
Name Description
domainId*
applicationId*
Query parameters
Name Description
expand

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Get application result for application

According to user's permission, returns application result details


/domains/{domainId}/applications/{applicationId}/results/{resultId}

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results/{resultId}"

Parameters

Path parameters
Name Description
domainId*
applicationId*
resultId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get application thirdparties

According to user's permission, returns application thirdparties


/domains/{domainId}/applications/{applicationId}/thirdparty

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/thirdparty"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Get all applications by domain

According to user's permission, returns all applications details for a domain


/domains/{domainId}/applications

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications?expand="

Parameters

Path parameters
Name Description
domainId*
Query parameters
Name Description
expand

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get cloud recommendation by application

According to user's permission, returns cloud recommendation by application


/domains/{domainId}/applications/{applicationId}/recommendation

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/recommendation"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 406 - Accept-headers is not valid

Status: 500 - Internal server error


Get CVE aggregation with trends by application

According to user's permission, returns CVE aggregation with trends by application


/domains/{domainId}/applications/{applicationId}/vulnerabilities/aggregated

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/vulnerabilities/aggregated"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 406 - Accept-headers is not valid

Status: 500 - Internal server error


Get last top risk for application

According to user's permission, returns application last top risk


/domains/{domainId}/applications/{applicationId}/alerts

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/alerts"

Parameters

Path parameters
Name Description
domainId*
applicationId*
Header parameters
Name Description
Accept-Language

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 406 - Accept-headers is not valid

Status: 500 - Internal server error


Get application results for application

According to user's permission, returns all results for application.


/domains/{domainId}/applications/{applicationId}/results

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get tags for an application

According to user's permission, returns tags for an application


/domains/{domainId}/applications/{applicationId}/tags

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/tags"

Parameters

Path parameters
Name Description
domainId*
applicationId*

Responses

Status: 200 - Successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Answer survey for application on result

According to user's permission, set or update answers for a specific application and survey on an existing result


/domains/{domainId}/applications/{applicationId}/results/{resultId}/surveys/{surveyId}

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results/{resultId}/surveys/{surveyId}"

Parameters

Header parameters
Name Description
Content-Type application/json
Path parameters
Name Description
domainId*
applicationId*
surveyId*
resultId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 404 - Results not found

Status: 500 - Internal server error


Answer survey for application on campaign

According to user's permission, set or update answers for a specific application and survey on an existing campaign result


/domains/{domainId}/applications/{applicationId}/campaigns/{campaignId}/surveys/{surveyId}

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/campaigns/{campaignId}/surveys/{surveyId}"

Parameters

Header parameters
Name Description
Content-Type application/json
Path parameters
Name Description
domainId*
applicationId*
surveyId*
campaignId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 404 - Results not found

Status: 500 - Internal server error


Submit result for application

The result might contain a survey and/or scans. Submitting launches the compute process and makes the result visible on the portal.


/domains/{domainId}/applications/{applicationId}/results/{resultId}/submit

Usage Samples

curl -X POST -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results/{resultId}/submit"

Parameters

Path parameters
Name Description
domainId*
applicationId*
resultId*

Responses

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 404 - Results not found

Status: 500 - Internal server error


Submit result for application

The result might contain a survey and/or scans. Submitting launches the compute process and makes the result visible on the portal.


/domains/{domainId}/applications/{applicationId}/campaigns/{campaignId}/submit

Usage Samples

curl -X POST -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/campaigns/{campaignId}/submit"

Parameters

Path parameters
Name Description
domainId*
applicationId*
campaignId*

Responses

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 404 - Results not found

Status: 500 - Internal server error


Update application

According to user's permission, update application. To identify a contributor or a domain, you can use either the id or the client reference


/domains/{domainId}/applications/{applicationId}

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}"

Parameters

Header parameters
Name Description
Content-Type application/json
Path parameters
Name Description
domainId*
applicationId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 500 - Internal server error


Update information for one application result

According to user's permission, edit some attributes of an application result


/domains/{domainId}/applications/{applicationId}/results/{resultId}

Usage Samples

curl -X PUT -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/applications/{applicationId}/results/{resultId}"

Parameters

Header parameters
Name Description
Path parameters
Name Description
domainId*
applicationId*
resultId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


AuthToken


/authtoken

Usage Samples

curl -X GET "/authtoken"

Parameters

Responses

Status: 200 - successful operation


Benchmark

Get benchmark metrics

Returns benchmark metrics computed on all applications


/benchmark

Usage Samples

curl -X GET -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/benchmark"

Parameters

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get benchmark alerts

Returns benchmark alerts on all applications and technologies


/benchmark/alerts

Usage Samples

curl -X GET -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/benchmark/alerts"

Parameters

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get benchmark alerts

Returns benchmark alerts on all applications and technologies


/benchmark/alerts

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/benchmark/alerts"

Parameters

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


Campaigns

Create or update campaigns

According to user's permission, create or update campaigns. To identify an application, you can use either the id or the client reference


/domains/{domainId}/campaigns

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/campaigns"

Parameters

Header parameters
Name Description
Content-Type application/json
Path parameters
Name Description
domainId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get campaign

According to user's permission, returns campaign details


/domains/{domainId}/campaigns/{campaignId}

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/campaigns/{campaignId}"

Parameters

Path parameters
Name Description
domainId*
campaignId*

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 500 - Internal server error


Get campaigns

According to user's permission, returns the list of campaign details by domain


/domains/{domainId}/campaigns

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/campaigns"

Parameters

Path parameters
Name Description
domainId*

Responses

Status: 200 - successful operation

Status: 400 - Bad request

Status: 403 - Access forbidden

Status: 500 - Internal server error


Companies

Create company by a partner

According to user's permission, create company for partner.


/partner/company

Usage Samples

curl -X POST "/partner/company"

Parameters

Responses

Status: 200 - successful operation


Create or update partner

According to user's permission, create or update partner. Identifier is email


/partner

Usage Samples

curl -X POST "/partner"

Parameters

Responses

Status: 200 - successful operation


Delete partner

According to user's permission, delete partner.


/partner/{id}

Usage Samples

curl -X DELETE "/partner/{id}"

Parameters

Path parameters
Name Description
id*

Responses

Status: default - successful operation


Delete partner company

According to user's permission, delete partner company.


/partner/company/{id}

Usage Samples

curl -X DELETE "/partner/company/{id}"

Parameters

Path parameters
Name Description
id*

Responses

Status: default - successful operation


Get Company

According to user's permission, return company details


/companies

Usage Samples

curl -X GET -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/companies"

Parameters

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 404 - Domain not found

Status: 500 - Internal server error


Get Company

According to user's permission, return company details


/companies/{companyId}

Usage Samples

curl -X GET -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/companies/{companyId}"

Parameters

Path parameters
Name Description
companyId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 404 - Domain not found

Status: 500 - Internal server error


Get Partner

According to user's permission, return partner


/partner/{id}

Usage Samples

curl -X GET "/partner/{id}"

Parameters

Path parameters
Name Description
id*

Responses

Status: 200 - successful operation


Create company by a partner

According to user's permission, create company for partner.


/partner/company

Usage Samples

curl -X GET "/partner/company"

Parameters

Responses

Status: 200 - successful operation


Get partner company

According to user's permission, get company information.


/partner/company/{id}

Usage Samples

curl -X GET "/partner/company/{id}"

Parameters

Path parameters
Name Description
id*

Responses

Status: 200 - successful operation


Get Partner

According to user's permission, return partner


/partner/new

Usage Samples

curl -X GET "/partner/new"

Parameters

Responses

Status: 200 - successful operation


Create company by a partner

According to user's permission, create company for partner.


/partner/company/new

Usage Samples

curl -X GET "/partner/company/new"

Parameters

Responses

Status: 200 - successful operation


Get Partners

According to user's permission, return partners


/partner

Usage Samples

curl -X GET "/partner"

Parameters

Responses

Status: 200 - successful operation



/partner/report

Usage Samples

curl -X GET "/partner/report"

Parameters

Responses

Status: default - successful operation



/partner/report/{id}

Usage Samples

curl -X GET "/partner/report/{id}"

Parameters

Path parameters
Name Description
id*

Responses

Status: default - successful operation


Create company by a partner

According to user's permission, create company for partner.


/partner/company/{id}

Usage Samples

curl -X PUT "/partner/company/{id}"

Parameters

Path parameters
Name Description
id*

Responses

Status: 200 - successful operation


Update partner

According to user's permission, create or update partner. Identifier is email


/partner/{id}

Usage Samples

curl -X PUT "/partner/{id}"

Parameters

Path parameters
Name Description
id*

Responses

Status: 200 - successful operation


Components

Get components catalog

According to user's permission, returns components catalog with blacklist/whitelist classification definition


/domains/{domainId}/componentCatalog

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/componentCatalog"

Parameters

Path parameters
Name Description
domainId*

Responses

Status: 200 - body

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Get components for domain

According to user's permission, returns components in domain with usage.


/domains/{domainId}/thirdparty

Usage Samples

curl -X GET -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/thirdparty"

Parameters

Path parameters
Name Description
domainId*

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 404 - Application not found

Status: 500 - Internal server error


Get components usage in domain

According to user's permission, returns components with their versions and the applications using them.
Use the POST body to send the list of components.


/domains/{domainId}/thirdpartyUsage

Usage Samples

curl -X POST -H "Accept: application/json" -H "Content-Type: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/thirdpartyUsage"

Parameters

Header parameters
Name Description
Content-Type application/json
Path parameters
Name Description
domainId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 500 - Internal server error


CustomDashboard

Save or update custom dashboard

According to user's permission, save or update custom dashboard


/domains/{domainId}/customdashboard

Usage Samples

curl -X POST -H "Accept: application/json" -H "Authorization: Basic [[basicHash]]" "/domains/{domainId}/customdashboard"

Parameters

Header parameters
Name Description
Path parameters
Name Description
domainId*
Body parameters
Name Description
body *

Responses

Status: 200 - successful operation

Status: 403 - Access forbidden

Status: 404 - Domain not found

Status: 500 - Internal server error