Native Sast | API Documentation

Get Native Sast Terms

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

service_idany ofOptional

integerOptional

or

nullOptional

code_root_idany ofOptional

integerOptional

or

nullOptional

repository_idany ofOptional

stringOptional

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/_terms

GET /api/native_sast/_terms HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "terms": [
    {
      "name": "text",
      "lazy_load": false,
      "depends_on": [
        "text"
      ],
      "type": "Int",
      "terms": [
        {
          "lowerBound": 1,
          "upperBound": 1,
          "count": 1
        }
      ]
    }
  ]
}

List Global Native Sast Findings Get

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

service_idany ofOptional

integerOptional

or

nullOptional

code_root_idany ofOptional

integerOptional

or

nullOptional

repository_idany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/findings

GET /api/native_sast/findings HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "items": [
    {
      "id": 1,
      "finding_id": "text",
      "provider_id": "text",
      "sast_tool_id": "text",
      "finding_type": "text",
      "finding_scope": "text",
      "rule_set": "text",
      "rule_set_version": "text",
      "rule_id": "text",
      "rule_name": "text",
      "rule_category": "text",
      "severity": "text",
      "confidence": "text",
      "triage_status": "text",
      "lifecycle_status": "text",
      "fix_status": "text",
      "fix_details": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "obs_first_obs_id": "text",
      "obs_recent_obs_id": "text",
      "obs_count": 1,
      "repository_id": "text",
      "branch_id": "text",
      "commit_hash": "text",
      "code_root_id": 1,
      "code_root": "text",
      "file_path": "text",
      "file_type": "text",
      "language": "text",
      "location_type": "text",
      "start_line": 1,
      "end_line": 1,
      "start_column": 1,
      "end_column": 1,
      "message": "text",
      "committed_at": "2026-01-23T00:57:54.606Z",
      "introduced_at": "2026-01-23T00:57:54.606Z",
      "observed_at": "2026-01-23T00:57:54.606Z",
      "xrefs_cwes": [
        "text"
      ],
      "xrefs_cves": [
        "text"
      ],
      "xrefs_ghsas": [
        "text"
      ],
      "xrefs_owasp_concerns": [
        "text"
      ],
      "xrefs_customs": [
        {
          "ANY_ADDITIONAL_PROPERTY": "anything"
        }
      ],
      "extra": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "created_at": "2026-01-23T00:57:54.606Z",
      "updated_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Global Native Sast Findings

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

service_idany ofOptional

integerOptional

or

nullOptional

code_root_idany ofOptional

integerOptional

or

nullOptional

repository_idany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

Request schema for querying Native SAST findings.

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/findings

POST /api/native_sast/findings HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "id": 1,
      "finding_id": "text",
      "provider_id": "text",
      "sast_tool_id": "text",
      "finding_type": "text",
      "finding_scope": "text",
      "rule_set": "text",
      "rule_set_version": "text",
      "rule_id": "text",
      "rule_name": "text",
      "rule_category": "text",
      "severity": "text",
      "confidence": "text",
      "triage_status": "text",
      "lifecycle_status": "text",
      "fix_status": "text",
      "fix_details": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "obs_first_obs_id": "text",
      "obs_recent_obs_id": "text",
      "obs_count": 1,
      "repository_id": "text",
      "branch_id": "text",
      "commit_hash": "text",
      "code_root_id": 1,
      "code_root": "text",
      "file_path": "text",
      "file_type": "text",
      "language": "text",
      "location_type": "text",
      "start_line": 1,
      "end_line": 1,
      "start_column": 1,
      "end_column": 1,
      "message": "text",
      "committed_at": "2026-01-23T00:57:54.606Z",
      "introduced_at": "2026-01-23T00:57:54.606Z",
      "observed_at": "2026-01-23T00:57:54.606Z",
      "xrefs_cwes": [
        "text"
      ],
      "xrefs_cves": [
        "text"
      ],
      "xrefs_ghsas": [
        "text"
      ],
      "xrefs_owasp_concerns": [
        "text"
      ],
      "xrefs_customs": [
        {
          "ANY_ADDITIONAL_PROPERTY": "anything"
        }
      ],
      "extra": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "created_at": "2026-01-23T00:57:54.606Z",
      "updated_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Module Native Sast Findings

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

repo_idstringRequired

code_rootstringRequired

Query parameters

fix_statusany ofOptional

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/repositories/{repo_id}/code_roots/{code_root}/findings

GET /api/native_sast/repositories/{repo_id}/code_roots/{code_root}/findings HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "id": 1,
      "finding_id": "text",
      "provider_id": "text",
      "sast_tool_id": "text",
      "finding_type": "text",
      "finding_scope": "text",
      "rule_set": "text",
      "rule_set_version": "text",
      "rule_id": "text",
      "rule_name": "text",
      "rule_category": "text",
      "severity": "text",
      "confidence": "text",
      "triage_status": "text",
      "lifecycle_status": "text",
      "fix_status": "text",
      "fix_details": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "obs_first_obs_id": "text",
      "obs_recent_obs_id": "text",
      "obs_count": 1,
      "repository_id": "text",
      "branch_id": "text",
      "commit_hash": "text",
      "code_root_id": 1,
      "code_root": "text",
      "file_path": "text",
      "file_type": "text",
      "language": "text",
      "location_type": "text",
      "start_line": 1,
      "end_line": 1,
      "start_column": 1,
      "end_column": 1,
      "message": "text",
      "committed_at": "2026-01-23T00:57:54.606Z",
      "introduced_at": "2026-01-23T00:57:54.606Z",
      "observed_at": "2026-01-23T00:57:54.606Z",
      "xrefs_cwes": [
        "text"
      ],
      "xrefs_cves": [
        "text"
      ],
      "xrefs_ghsas": [
        "text"
      ],
      "xrefs_owasp_concerns": [
        "text"
      ],
      "xrefs_customs": [
        {
          "ANY_ADDITIONAL_PROPERTY": "anything"
        }
      ],
      "extra": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "created_at": "2026-01-23T00:57:54.606Z",
      "updated_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Module Native Sast Findings

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

repo_idstringRequired

code_rootstringRequired

Query parameters

fix_statusany ofOptional

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/repositories/{repo_id}/code_roots/{code_root}/findings

POST /api/native_sast/repositories/{repo_id}/code_roots/{code_root}/findings HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "id": 1,
      "finding_id": "text",
      "provider_id": "text",
      "sast_tool_id": "text",
      "finding_type": "text",
      "finding_scope": "text",
      "rule_set": "text",
      "rule_set_version": "text",
      "rule_id": "text",
      "rule_name": "text",
      "rule_category": "text",
      "severity": "text",
      "confidence": "text",
      "triage_status": "text",
      "lifecycle_status": "text",
      "fix_status": "text",
      "fix_details": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "obs_first_obs_id": "text",
      "obs_recent_obs_id": "text",
      "obs_count": 1,
      "repository_id": "text",
      "branch_id": "text",
      "commit_hash": "text",
      "code_root_id": 1,
      "code_root": "text",
      "file_path": "text",
      "file_type": "text",
      "language": "text",
      "location_type": "text",
      "start_line": 1,
      "end_line": 1,
      "start_column": 1,
      "end_column": 1,
      "message": "text",
      "committed_at": "2026-01-23T00:57:54.606Z",
      "introduced_at": "2026-01-23T00:57:54.606Z",
      "observed_at": "2026-01-23T00:57:54.606Z",
      "xrefs_cwes": [
        "text"
      ],
      "xrefs_cves": [
        "text"
      ],
      "xrefs_ghsas": [
        "text"
      ],
      "xrefs_owasp_concerns": [
        "text"
      ],
      "xrefs_customs": [
        {
          "ANY_ADDITIONAL_PROPERTY": "anything"
        }
      ],
      "extra": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "created_at": "2026-01-23T00:57:54.606Z",
      "updated_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

Get Repo Module Summary

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

repo_idstringRequired

code_rootstringRequired

Query parameters

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/repositories/{repo_id}/code_roots/{code_root}

GET /api/native_sast/repositories/{repo_id}/code_roots/{code_root} HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "module_id": 1,
  "module": "text",
  "module_type": "text",
  "finding_count": 1,
  "observation_count": 1,
  "distinct_rule_count": 0,
  "distinct_repository_count": 0,
  "provider_ids": [
    "text"
  ],
  "tool_ids": [
    "text"
  ],
  "first_observed_at": "2026-01-23T00:57:54.606Z",
  "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
  "critical_findings": 0,
  "high_findings": 0,
  "medium_findings": 0,
  "low_findings": 0,
  "repository_id": "text",
  "language": "text",
  "latest_observation_at": "2026-01-23T00:57:54.606Z"
}

Get Repo Module Summary

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

repo_idstringRequired

code_rootstringRequired

Query parameters

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/repositories/{repo_id}/code_roots/{code_root}

POST /api/native_sast/repositories/{repo_id}/code_roots/{code_root} HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "module_id": 1,
  "module": "text",
  "module_type": "text",
  "finding_count": 1,
  "observation_count": 1,
  "distinct_rule_count": 0,
  "distinct_repository_count": 0,
  "provider_ids": [
    "text"
  ],
  "tool_ids": [
    "text"
  ],
  "first_observed_at": "2026-01-23T00:57:54.606Z",
  "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
  "critical_findings": 0,
  "high_findings": 0,
  "medium_findings": 0,
  "low_findings": 0,
  "repository_id": "text",
  "language": "text",
  "latest_observation_at": "2026-01-23T00:57:54.606Z"
}

List Repo Code Roots

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

repo_idstringRequired

Query parameters

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/repositories/{repo_id}/code_roots

GET /api/native_sast/repositories/{repo_id}/code_roots HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "module_id": 1,
      "module": "text",
      "module_type": "text",
      "finding_count": 1,
      "observation_count": 1,
      "distinct_rule_count": 0,
      "distinct_repository_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_findings": 0,
      "high_findings": 0,
      "medium_findings": 0,
      "low_findings": 0,
      "repository_id": "text",
      "language": "text",
      "latest_observation_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Repo Code Roots

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

repo_idstringRequired

Query parameters

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/repositories/{repo_id}/code_roots

POST /api/native_sast/repositories/{repo_id}/code_roots HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "module_id": 1,
      "module": "text",
      "module_type": "text",
      "finding_count": 1,
      "observation_count": 1,
      "distinct_rule_count": 0,
      "distinct_repository_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_findings": 0,
      "high_findings": 0,
      "medium_findings": 0,
      "low_findings": 0,
      "repository_id": "text",
      "language": "text",
      "latest_observation_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Repo Native Sast Findings

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

repo_idstringRequired

Query parameters

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/repositories/{repo_id}/findings

GET /api/native_sast/repositories/{repo_id}/findings HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "id": 1,
      "finding_id": "text",
      "provider_id": "text",
      "sast_tool_id": "text",
      "finding_type": "text",
      "finding_scope": "text",
      "rule_set": "text",
      "rule_set_version": "text",
      "rule_id": "text",
      "rule_name": "text",
      "rule_category": "text",
      "severity": "text",
      "confidence": "text",
      "triage_status": "text",
      "lifecycle_status": "text",
      "fix_status": "text",
      "fix_details": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "obs_first_obs_id": "text",
      "obs_recent_obs_id": "text",
      "obs_count": 1,
      "repository_id": "text",
      "branch_id": "text",
      "commit_hash": "text",
      "code_root_id": 1,
      "code_root": "text",
      "file_path": "text",
      "file_type": "text",
      "language": "text",
      "location_type": "text",
      "start_line": 1,
      "end_line": 1,
      "start_column": 1,
      "end_column": 1,
      "message": "text",
      "committed_at": "2026-01-23T00:57:54.606Z",
      "introduced_at": "2026-01-23T00:57:54.606Z",
      "observed_at": "2026-01-23T00:57:54.606Z",
      "xrefs_cwes": [
        "text"
      ],
      "xrefs_cves": [
        "text"
      ],
      "xrefs_ghsas": [
        "text"
      ],
      "xrefs_owasp_concerns": [
        "text"
      ],
      "xrefs_customs": [
        {
          "ANY_ADDITIONAL_PROPERTY": "anything"
        }
      ],
      "extra": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "created_at": "2026-01-23T00:57:54.606Z",
      "updated_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Repo Native Sast Findings

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

repo_idstringRequired

Query parameters

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/repositories/{repo_id}/findings

POST /api/native_sast/repositories/{repo_id}/findings HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "id": 1,
      "finding_id": "text",
      "provider_id": "text",
      "sast_tool_id": "text",
      "finding_type": "text",
      "finding_scope": "text",
      "rule_set": "text",
      "rule_set_version": "text",
      "rule_id": "text",
      "rule_name": "text",
      "rule_category": "text",
      "severity": "text",
      "confidence": "text",
      "triage_status": "text",
      "lifecycle_status": "text",
      "fix_status": "text",
      "fix_details": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "obs_first_obs_id": "text",
      "obs_recent_obs_id": "text",
      "obs_count": 1,
      "repository_id": "text",
      "branch_id": "text",
      "commit_hash": "text",
      "code_root_id": 1,
      "code_root": "text",
      "file_path": "text",
      "file_type": "text",
      "language": "text",
      "location_type": "text",
      "start_line": 1,
      "end_line": 1,
      "start_column": 1,
      "end_column": 1,
      "message": "text",
      "committed_at": "2026-01-23T00:57:54.606Z",
      "introduced_at": "2026-01-23T00:57:54.606Z",
      "observed_at": "2026-01-23T00:57:54.606Z",
      "xrefs_cwes": [
        "text"
      ],
      "xrefs_cves": [
        "text"
      ],
      "xrefs_ghsas": [
        "text"
      ],
      "xrefs_owasp_concerns": [
        "text"
      ],
      "xrefs_customs": [
        {
          "ANY_ADDITIONAL_PROPERTY": "anything"
        }
      ],
      "extra": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "created_at": "2026-01-23T00:57:54.606Z",
      "updated_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

Get Repository Summary

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

repo_idstringRequired

Query parameters

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/repositories/{repo_id}

GET /api/native_sast/repositories/{repo_id} HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "repository_id": "text",
  "finding_count": 1,
  "observation_count": 1,
  "critical_findings": 0,
  "high_findings": 0,
  "medium_findings": 0,
  "low_findings": 0,
  "distinct_rule_count": 0,
  "distinct_module_count": 0,
  "latest_observation_at": "2026-01-23T00:57:54.606Z"
}

List Native Sast Findings By Rule

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

service_idany ofOptional

integerOptional

or

nullOptional

code_root_idany ofOptional

integerOptional

or

nullOptional

repository_idany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/findings/rules

GET /api/native_sast/findings/rules HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "rule_set": "text",
      "rule_id": "text",
      "rule_name": "text",
      "rule_category": "text",
      "finding_type": "text",
      "severity": "text",
      "confidence": "text",
      "finding_count": 1,
      "distinct_module_count": 0,
      "distinct_repository_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "cwe": [
        "text"
      ],
      "owasp": [
        "text"
      ]
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Native Sast Findings By Rule

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

service_idany ofOptional

integerOptional

or

nullOptional

code_root_idany ofOptional

integerOptional

or

nullOptional

repository_idany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/findings/rules

POST /api/native_sast/findings/rules HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "rule_set": "text",
      "rule_id": "text",
      "rule_name": "text",
      "rule_category": "text",
      "finding_type": "text",
      "severity": "text",
      "confidence": "text",
      "finding_count": 1,
      "distinct_module_count": 0,
      "distinct_repository_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "cwe": [
        "text"
      ],
      "owasp": [
        "text"
      ]
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Native Sast Findings By Category

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

service_idany ofOptional

integerOptional

or

nullOptional

code_root_idany ofOptional

integerOptional

or

nullOptional

repository_idany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/findings/categories

GET /api/native_sast/findings/categories HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "rule_category": "text",
      "finding_count": 1,
      "distinct_rule_count": 0,
      "distinct_module_count": 0,
      "distinct_repository_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_count": 0,
      "high_count": 0,
      "medium_count": 0,
      "low_count": 0,
      "info_count": 0
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Native Sast Findings By Category

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

service_idany ofOptional

integerOptional

or

nullOptional

code_root_idany ofOptional

integerOptional

or

nullOptional

repository_idany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/findings/categories

POST /api/native_sast/findings/categories HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "rule_category": "text",
      "finding_count": 1,
      "distinct_rule_count": 0,
      "distinct_module_count": 0,
      "distinct_repository_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_count": 0,
      "high_count": 0,
      "medium_count": 0,
      "low_count": 0,
      "info_count": 0
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Finding Observations Get

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

idintegerRequired

Query parameters

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/findings/{id}/observations

GET /api/native_sast/findings/{id}/observations HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "items": [
    {
      "id": 1,
      "scan_job_id": 1,
      "native_sast_finding_id": 1,
      "rule_set_id": 1,
      "rule_id": "text",
      "observation_id": "text",
      "observed_at": "2026-01-23T00:57:54.606Z",
      "repository_id": "text",
      "branch_id": "text",
      "commit_hash": "text",
      "code_root_id": 1,
      "code_root": "text",
      "file_path": "text",
      "start_line": 1,
      "end_line": 1,
      "start_col": 1,
      "end_col": 1,
      "severity": "text",
      "confidence": "text",
      "message": "text",
      "matched_code_snippet": "text",
      "context_before": "text",
      "context_after": "text",
      "fix_status": "text",
      "fix_details": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "raw": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "obs_lsh": "text",
      "xrefs_cwes": [
        "text"
      ],
      "xrefs_cves": [
        "text"
      ],
      "xrefs_ghsas": [
        "text"
      ],
      "xrefs_owasp_concerns": [
        "text"
      ],
      "xrefs_customs": [
        {
          "ANY_ADDITIONAL_PROPERTY": "anything"
        }
      ],
      "extra": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "created_at": "2026-01-23T00:57:54.606Z",
      "updated_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Finding Observations

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

idintegerRequired

Query parameters

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

Request schema for querying Native SAST findings.

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/findings/{id}/observations

POST /api/native_sast/findings/{id}/observations HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "id": 1,
      "scan_job_id": 1,
      "native_sast_finding_id": 1,
      "rule_set_id": 1,
      "rule_id": "text",
      "observation_id": "text",
      "observed_at": "2026-01-23T00:57:54.606Z",
      "repository_id": "text",
      "branch_id": "text",
      "commit_hash": "text",
      "code_root_id": 1,
      "code_root": "text",
      "file_path": "text",
      "start_line": 1,
      "end_line": 1,
      "start_col": 1,
      "end_col": 1,
      "severity": "text",
      "confidence": "text",
      "message": "text",
      "matched_code_snippet": "text",
      "context_before": "text",
      "context_after": "text",
      "fix_status": "text",
      "fix_details": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "raw": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "obs_lsh": "text",
      "xrefs_cwes": [
        "text"
      ],
      "xrefs_cves": [
        "text"
      ],
      "xrefs_ghsas": [
        "text"
      ],
      "xrefs_owasp_concerns": [
        "text"
      ],
      "xrefs_customs": [
        {
          "ANY_ADDITIONAL_PROPERTY": "anything"
        }
      ],
      "extra": {
        "ANY_ADDITIONAL_PROPERTY": "anything"
      },
      "created_at": "2026-01-23T00:57:54.606Z",
      "updated_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Findings By Module

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

service_idany ofOptional

integerOptional

or

nullOptional

code_root_idany ofOptional

integerOptional

or

nullOptional

repository_idany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/findings/code_roots

GET /api/native_sast/findings/code_roots HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "module_id": 1,
      "module": "text",
      "module_type": "text",
      "finding_count": 1,
      "observation_count": 1,
      "distinct_rule_count": 0,
      "distinct_repository_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_findings": 0,
      "high_findings": 0,
      "medium_findings": 0,
      "low_findings": 0,
      "repository_id": "text",
      "language": "text",
      "latest_observation_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Findings By Module

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

service_idany ofOptional

integerOptional

or

nullOptional

code_root_idany ofOptional

integerOptional

or

nullOptional

repository_idany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/findings/code_roots

POST /api/native_sast/findings/code_roots HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "module_id": 1,
      "module": "text",
      "module_type": "text",
      "finding_count": 1,
      "observation_count": 1,
      "distinct_rule_count": 0,
      "distinct_repository_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_findings": 0,
      "high_findings": 0,
      "medium_findings": 0,
      "low_findings": 0,
      "repository_id": "text",
      "language": "text",
      "latest_observation_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Findings By Repository

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

service_idany ofOptional

integerOptional

or

nullOptional

code_root_idany ofOptional

integerOptional

or

nullOptional

repository_idany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/findings/repositories

GET /api/native_sast/findings/repositories HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "repository_id": "text",
      "finding_count": 1,
      "distinct_module_count": 0,
      "distinct_rule_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_count": 0,
      "high_count": 0,
      "medium_count": 0,
      "low_count": 0
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Findings By Repository

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Query parameters

service_idany ofOptional

integerOptional

or

nullOptional

code_root_idany ofOptional

integerOptional

or

nullOptional

repository_idany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/findings/repositories

POST /api/native_sast/findings/repositories HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "repository_id": "text",
      "finding_count": 1,
      "distinct_module_count": 0,
      "distinct_rule_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_count": 0,
      "high_count": 0,
      "medium_count": 0,
      "low_count": 0
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

Get Native Sast Finding

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

idintegerRequired

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/findings/{id}

GET /api/native_sast/findings/{id} HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "id": 1,
  "finding_id": "text",
  "provider_id": "text",
  "sast_tool_id": "text",
  "finding_type": "text",
  "finding_scope": "text",
  "rule_set": "text",
  "rule_set_version": "text",
  "rule_id": "text",
  "rule_name": "text",
  "rule_category": "text",
  "severity": "text",
  "confidence": "text",
  "triage_status": "text",
  "lifecycle_status": "text",
  "fix_status": "text",
  "fix_details": {
    "ANY_ADDITIONAL_PROPERTY": "anything"
  },
  "obs_first_obs_id": "text",
  "obs_recent_obs_id": "text",
  "obs_count": 1,
  "repository_id": "text",
  "branch_id": "text",
  "commit_hash": "text",
  "code_root_id": 1,
  "code_root": "text",
  "file_path": "text",
  "file_type": "text",
  "language": "text",
  "location_type": "text",
  "start_line": 1,
  "end_line": 1,
  "start_column": 1,
  "end_column": 1,
  "message": "text",
  "committed_at": "2026-01-23T00:57:54.606Z",
  "introduced_at": "2026-01-23T00:57:54.606Z",
  "observed_at": "2026-01-23T00:57:54.606Z",
  "xrefs_cwes": [
    "text"
  ],
  "xrefs_cves": [
    "text"
  ],
  "xrefs_ghsas": [
    "text"
  ],
  "xrefs_owasp_concerns": [
    "text"
  ],
  "xrefs_customs": [
    {
      "ANY_ADDITIONAL_PROPERTY": "anything"
    }
  ],
  "extra": {
    "ANY_ADDITIONAL_PROPERTY": "anything"
  },
  "created_at": "2026-01-23T00:57:54.606Z",
  "updated_at": "2026-01-23T00:57:54.606Z"
}

Get Finding Observation

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

observation_idintegerRequired

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/observations/{observation_id}

GET /api/native_sast/observations/{observation_id} HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "id": 1,
  "scan_job_id": 1,
  "native_sast_finding_id": 1,
  "rule_set_id": 1,
  "rule_id": "text",
  "observation_id": "text",
  "observed_at": "2026-01-23T00:57:54.606Z",
  "repository_id": "text",
  "branch_id": "text",
  "commit_hash": "text",
  "code_root_id": 1,
  "code_root": "text",
  "file_path": "text",
  "start_line": 1,
  "end_line": 1,
  "start_col": 1,
  "end_col": 1,
  "severity": "text",
  "confidence": "text",
  "message": "text",
  "matched_code_snippet": "text",
  "context_before": "text",
  "context_after": "text",
  "fix_status": "text",
  "fix_details": {
    "ANY_ADDITIONAL_PROPERTY": "anything"
  },
  "raw": {
    "ANY_ADDITIONAL_PROPERTY": "anything"
  },
  "obs_lsh": "text",
  "xrefs_cwes": [
    "text"
  ],
  "xrefs_cves": [
    "text"
  ],
  "xrefs_ghsas": [
    "text"
  ],
  "xrefs_owasp_concerns": [
    "text"
  ],
  "xrefs_customs": [
    {
      "ANY_ADDITIONAL_PROPERTY": "anything"
    }
  ],
  "extra": {
    "ANY_ADDITIONAL_PROPERTY": "anything"
  },
  "created_at": "2026-01-23T00:57:54.606Z",
  "updated_at": "2026-01-23T00:57:54.606Z"
}

List Finding Code Roots Affected

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

idintegerRequired

Query parameters

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/findings/{id}/code_roots

GET /api/native_sast/findings/{id}/code_roots HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "module_id": 1,
      "module": "text",
      "module_type": "text",
      "finding_count": 1,
      "observation_count": 1,
      "distinct_rule_count": 0,
      "distinct_repository_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_findings": 0,
      "high_findings": 0,
      "medium_findings": 0,
      "low_findings": 0,
      "repository_id": "text",
      "language": "text",
      "latest_observation_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Finding Code Roots Affected

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

idintegerRequired

Query parameters

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/findings/{id}/code_roots

POST /api/native_sast/findings/{id}/code_roots HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "module_id": 1,
      "module": "text",
      "module_type": "text",
      "finding_count": 1,
      "observation_count": 1,
      "distinct_rule_count": 0,
      "distinct_repository_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_findings": 0,
      "high_findings": 0,
      "medium_findings": 0,
      "low_findings": 0,
      "repository_id": "text",
      "language": "text",
      "latest_observation_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

Get Rule Set Summary

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

rule_setstringRequired

Query parameters

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/rule_sets/{rule_set}

GET /api/native_sast/rule_sets/{rule_set} HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "name": "text",
  "tool_id": "text",
  "version": "text",
  "rule_count": 1,
  "finding_count": 1,
  "distinct_rule_count": 0,
  "distinct_repository_count": 0,
  "distinct_module_count": 0,
  "critical_findings": 0,
  "high_findings": 0,
  "medium_findings": 0,
  "low_findings": 0,
  "last_sync_at": "2026-01-23T00:57:54.606Z",
  "latest_observation_at": "2026-01-23T00:57:54.606Z"
}

Get Rule Summary

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

rule_idstringRequired

Query parameters

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/rules/{rule_id}

GET /api/native_sast/rules/{rule_id} HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Accept: */*

{
  "rule_id": "text",
  "rule_db_id": 1,
  "rule_name": "text",
  "rule_category": "text",
  "rule_set": "text",
  "severity": "text",
  "confidence": "text",
  "finding_type": "text",
  "description": "text",
  "remediation_guidance": "text",
  "finding_count": 1,
  "distinct_module_count": 0,
  "distinct_repository_count": 0,
  "critical_findings": 0,
  "high_findings": 0,
  "medium_findings": 0,
  "low_findings": 0,
  "cwe": [
    "text"
  ],
  "owasp": [
    "text"
  ],
  "latest_observation_at": "2026-01-23T00:57:54.606Z"
}

Get Rule Code Roots

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

rule_idstringRequired

Query parameters

service_idany ofOptional

integerOptional

or

nullOptional

code_root_idany ofOptional

integerOptional

or

nullOptional

repository_idany ofOptional

stringOptional

or

nullOptional

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/rules/{rule_id}/code_roots

GET /api/native_sast/rules/{rule_id}/code_roots HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "module_id": 1,
      "module": "text",
      "module_type": "text",
      "finding_count": 1,
      "observation_count": 1,
      "distinct_rule_count": 0,
      "distinct_repository_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_findings": 0,
      "high_findings": 0,
      "medium_findings": 0,
      "low_findings": 0,
      "repository_id": "text",
      "language": "text",
      "latest_observation_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

List Rule Code Roots Paginated

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

rule_idstringRequired

Query parameters

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

Request schema for grouping findings by rule category.

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/rules/{rule_id}/code_roots

POST /api/native_sast/rules/{rule_id}/code_roots HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "module_id": 1,
      "module": "text",
      "module_type": "text",
      "finding_count": 1,
      "observation_count": 1,
      "distinct_rule_count": 0,
      "distinct_repository_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_findings": 0,
      "high_findings": 0,
      "medium_findings": 0,
      "low_findings": 0,
      "repository_id": "text",
      "language": "text",
      "latest_observation_at": "2026-01-23T00:57:54.606Z"
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

Get Rule Repositories Alt

get

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

rule_idstringRequired

Query parameters

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

get

/api/native_sast/rules/{rule_id}/repositories

GET /api/native_sast/rules/{rule_id}/repositories HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "repository_id": "text",
      "finding_count": 1,
      "distinct_module_count": 0,
      "distinct_rule_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_count": 0,
      "high_count": 0,
      "medium_count": 0,
      "low_count": 0
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

Get Rule Repositories Alt

post

Authorizations

AuthorizationstringRequired

Bearer authentication header of the form Bearer <token>.

Path parameters

rule_idstringRequired

Query parameters

pageintegerOptionalDefault: 0

limitinteger · min: 1OptionalDefault: 100

orderany ofOptional

stringOptional

or

nullOptional

ordersany ofOptional

string[]Optional

or

nullOptional

directionany ofOptional

stringOptional

or

nullOptional

searchany ofOptional

stringOptional

or

nullOptional

fix_statusany ofOptional

string · enumOptional

Fix status for Native SAST findings.

Possible values:

or

nullOptional

provider_idany ofOptional

stringOptional

or

nullOptional

tool_idany ofOptional

stringOptional

or

nullOptional

rule_categoryany ofOptional

stringOptional

or

nullOptional

Body

or

nullOptional

Responses

200

Successful Response

application/json

404

Not found

422

Validation Error

application/json

post

/api/native_sast/rules/{rule_id}/repositories

POST /api/native_sast/rules/{rule_id}/repositories HTTP/1.1
Host: 
Authorization: Bearer YOUR_SECRET_TOKEN
Content-Type: application/json
Accept: */*
Content-Length: 14

{
  "filters": []
}

{
  "items": [
    {
      "repository_id": "text",
      "finding_count": 1,
      "distinct_module_count": 0,
      "distinct_rule_count": 0,
      "provider_ids": [
        "text"
      ],
      "tool_ids": [
        "text"
      ],
      "first_observed_at": "2026-01-23T00:57:54.606Z",
      "most_recent_observed_at": "2026-01-23T00:57:54.606Z",
      "critical_count": 0,
      "high_count": 0,
      "medium_count": 0,
      "low_count": 0
    }
  ],
  "total": 1,
  "pages": 1,
  "page_size": 1,
  "page_number": 1
}

hashtagGet Native Sast Terms

hashtagList Global Native Sast Findings Get

hashtagList Global Native Sast Findings

hashtagList Module Native Sast Findings

hashtagList Module Native Sast Findings

hashtagGet Repo Module Summary

hashtagGet Repo Module Summary

hashtagList Repo Code Roots

hashtagList Repo Code Roots

hashtagList Repo Native Sast Findings

hashtagList Repo Native Sast Findings

hashtagGet Repository Summary

hashtagList Native Sast Findings By Rule

hashtagList Native Sast Findings By Rule

hashtagList Native Sast Findings By Category

hashtagList Native Sast Findings By Category

hashtagList Finding Observations Get

hashtagList Finding Observations

hashtagList Findings By Module

hashtagList Findings By Module

hashtagList Findings By Repository

hashtagList Findings By Repository

hashtagGet Native Sast Finding

hashtagGet Finding Observation

hashtagList Finding Code Roots Affected

hashtagList Finding Code Roots Affected

hashtagGet Rule Set Summary

hashtagGet Rule Summary

hashtagGet Rule Code Roots

hashtagList Rule Code Roots Paginated

hashtagGet Rule Repositories Alt

hashtagGet Rule Repositories Alt

Get Native Sast Terms

List Global Native Sast Findings Get

List Global Native Sast Findings

List Module Native Sast Findings

List Module Native Sast Findings

Get Repo Module Summary

Get Repo Module Summary

List Repo Code Roots

List Repo Code Roots

List Repo Native Sast Findings

List Repo Native Sast Findings

Get Repository Summary

List Native Sast Findings By Rule

List Native Sast Findings By Rule

List Native Sast Findings By Category

List Native Sast Findings By Category

List Finding Observations Get

List Finding Observations

List Findings By Module

List Findings By Module

List Findings By Repository

List Findings By Repository

Get Native Sast Finding

Get Finding Observation

List Finding Code Roots Affected

List Finding Code Roots Affected

Get Rule Set Summary

Get Rule Summary

Get Rule Code Roots

List Rule Code Roots Paginated

Get Rule Repositories Alt

Get Rule Repositories Alt