Secrets Scanning

Use the REST API to query secrets detection metrics

Introduction

The Secrets API provides a RESTful interface for querying various metrics related to findings and events. It offers endpoints to retrieve information about secret findings, events, and counts.

Base URL

All API endpoints are accessed through the base URL: https://api.<YOUR-TENANT-NAME>.nullify.ai

Replace <YOUR-TENANT-NAME> with your organization's tenant name. For example, if your tenant name is "acme", the base URL would be https://api.acme.nullify.ai.

Get Secret Events

This endpoint returns the list of events that have occurred related to dependency findings.

Event types:

new-finding
new-findings
new-allowlisted-finding
new-allowlisted-findings

curl -L \
    -H "Accept: application/json" \
    -H "Authorization: Bearer <YOUR-TOKEN>" \
    https://api.<YOUR-TENANT-NAME>.nullify.ai/secrets/events?githubOwnerId=1234

List Secrets Findings

This endpoint returns the list of current secrets in the repository.

curl -L \
   -H "Accept: application/json" \
   -H "Authorization: Bearer <YOUR-TOKEN>" \
   https://api.<YOUR-TENANT-NAME>.nullify.ai/secrets/findings?githubOwnerId=1234

Get Secret Findings

This endpoint returns the details of a secret finding.

curl -L \
   -H "Accept: application/json" \
   -H "Authorization: Bearer <YOUR-TOKEN>" \
   https://api.<YOUR-TENANT-NAME>.nullify.ai/secrets/findings/01J6EEXK3NKYKWW9XTPQYAF41N?githubOwnerId=1234

PreviousDependency Scanning (SCA)NextDynamic Scanning (DAST)

Last updated 1 month ago

Was this helpful?

{ "findings": [ { "author": "text", "branch": "text", "commit": "text", "createdAt": "text", "endLine": 1, "entropy": 1, "fileOwners": [ { "name": "text", "type": "text" } ], "filePath": "text", "id": "text", "installationId": "text", "isAllowlisted": true, "isArchived": true, "isDefaultBranch": true, "isFalsePositive": true, "isResolved": true, "match": "text", "owner": "text", "ownerType": "text", "priorityLabel": "text", "priorityOverride": "text", "priorityScore": 1, "projectId": "text", "projectName": "text", "redactedSecret": "text", "repository": "text", "repositoryId": "text", "repositoryName": "text", "ruleId": "text", "scopes": [ "text" ], "secretHash": "text", "secretType": "text", "startLine": 1, "tenantId": "text", "ticket": { "azure": {}, "github": { "issueId": 1, "nodeId": "text", "number": 1, "repositoryName": "text", "url": "text" }, "gitlab": {}, "jira": { "issueId": "text", "issueKey": "text", "url": "text" }, "providerId": "text" }, "timeStamp": "text", "timestampUnix": 1, "updatedAt": "text" } ], "nextToken": "text", "numItems": 1 }

{ "finding": { "aiDevTitle": "text", "aiTitle": "text", "author": "text", "branch": "text", "commit": "text", "createdAt": "text", "description": "text", "devDescription": "text", "endColumn": 1, "endLine": 1, "entropy": 1, "exploitabilityConfidence": "text", "exploitabilityLabel": "text", "failedTriage": true, "falsePositiveReason": "text", "fileOwners": [ { "name": "text", "type": "text" } ], "filePath": "text", "id": "text", "impactConfidence": "text", "impactLabel": "text", "installationId": "text", "isAllowlisted": true, "isArchived": true, "isDefaultBranch": true, "isDuplicate": true, "isFalsePositive": true, "isResolved": true, "match": "text", "owner": "text", "ownerType": "text", "platform": "text", "priorityLabel": "text", "priorityLabelReason": "text", "priorityOverride": "text", "priorityScore": 1, "projectId": "text", "projectName": "text", "redactedSecret": "text", "repository": "text", "repositoryId": "text", "repositoryName": "text", "ruleId": "text", "scanner": "text", "scopes": [ "text" ], "secretHash": "text", "secretType": "text", "secretValue": "text", "severityConfidence": "text", "severityLabel": "text", "severityOverride": "text", "severityScore": 1, "startColumn": 1, "startLine": 1, "tenantId": "text", "ticket": { "azure": {}, "github": { "issueId": 1, "nodeId": "text", "number": 1, "repositoryName": "text", "url": "text" }, "gitlab": {}, "jira": { "issueId": "text", "issueKey": "text", "url": "text" }, "providerId": "text" }, "timeStamp": "text", "timestampUnix": 1, "triageAgentVersion": "text", "triageDurationSeconds": 1, "triageLangfuseSessionId": "text", "triageLangfuseTraceId": "text", "triageLlmCostUsd": 1, "triageTokenCount": 1, "triageTraceId": "text", "updatedAt": "text", "userId": "text", "userNotes": "text", "verified": true, "verifiedAt": "text" }, "presignedUrl": "text" }

Secrets Scanning

Table of Contents

Introduction

Base URL

Get Secret Events

List Secrets Findings

Get Secret Findings

Table of Contents

Introduction

Base URL

Get Secret Events

List Secrets Findings

Get Secret Findings

Get Secret Events

Get Secrets Findings

Get Finding