Secrets Scanning
Use the REST API to query secrets detection metrics
Introduction
The Secrets API provides a RESTful interface for querying various metrics related to Secrets detection findings and events. It offers endpoints to retrieve information about secret findings, events, and counts.
Base URL
All API endpoints are accessed through the base URL: https://api.<YOUR-TENANT-NAME>.nullify.ai
Replace <YOUR-TENANT-NAME> with your organization's tenant name. For example, if your tenant name is "acme", the base URL would be https://api.acme.nullify.ai.
Get Secret Events
This endpoint returns the list of events that have occurred related to dependency findings.
Returns events after a specified timestamp or event ID. All events are returned if no timestamp or event ID is provided.
Query parameters:
The Azure organization ID
The GitHub owner ID
The GitLab group ID
The Nullify installation ID
Request:
GET /secrets/events HTTP/1.1
Host: api.<YOUR-TENANT-NAME>.nullify.ai
Authorization: Bearer <YOUR-TOKEN>
Accept: */*
Response:
{
  "events": [
    {
      "data": null,
      "id": "text",
      "time": "text",
      "timestampUnix": 1,
      "type": "text"
    }
  ],
  "nextToken": "text",
  "numItems": 1
}
Event types:
new-finding
new-findings
new-allowlisted-finding
new-allowlisted-findings
curl -L \
  -H "Accept: application/json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  "https://api.<YOUR-TENANT-NAME>.nullify.ai/secrets/events?githubOwnerId=1234"
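A consumer that polls this endpoint needs a checkpoint so that re-reading a page does not raise the same alert twice. The following is an added example, not Nullify's own code: it processes one already-fetched events page, suppresses only the allowlisted event types listed above, and returns the checkpoint to store. The function name, the sample page and the checkpoint scheme are assumptions of this example; the page does not name the timestamp or event ID query parameters, so no request is built here.

```python
from collections import Counter

# Event types from the list above that do not need an alert.
ALLOWLISTED_TYPES = {"new-allowlisted-finding", "new-allowlisted-findings"}

# Constructed sample shaped like the /secrets/events response; values are made up.
SAMPLE_PAGE = {
    "events": [
        {"data": None, "id": "evt-003", "time": "2024-01-01T00:02:00Z",
         "timestampUnix": 1704067320, "type": "new-allowlisted-finding"},
        {"data": None, "id": "evt-001", "time": "2024-01-01T00:00:00Z",
         "timestampUnix": 1704067200, "type": "new-finding"},
        {"data": None, "id": "evt-002", "time": "2024-01-01T00:01:00Z",
         "timestampUnix": 1704067260, "type": "new-findings"},
    ],
    "nextToken": "",
    "numItems": 3,
}


def process_events(page, checkpoint=None, seen_ids=frozenset()):
    """Return (events to alert on, count per type, checkpoint to store).

    checkpoint is the timestampUnix of the newest event already handled.
    seen_ids guards against replays when several events share that timestamp.
    """
    fresh = [
        e for e in page.get("events", [])
        if e["id"] not in seen_ids
        and (checkpoint is None or e["timestampUnix"] >= checkpoint)
    ]
    fresh.sort(key=lambda e: (e["timestampUnix"], e["id"]))
    counts = dict(Counter(e["type"] for e in fresh))
    # Anything not explicitly allowlisted is surfaced, including types this
    # script has never seen, so a new event type is never silently dropped.
    alerts = [e for e in fresh if e["type"] not in ALLOWLISTED_TYPES]
    new_checkpoint = max((e["timestampUnix"] for e in fresh), default=checkpoint)
    return alerts, counts, new_checkpoint
```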
List Secrets Findings
This endpoint returns the list of current secrets in the repository.
Returns a filtered set of Secrets findings based on query parameters. One unique secret hash per repository.
Query parameters:
The Azure organization ID
The GitHub owner ID
The GitLab group ID
The Nullify installation ID
Request:
GET /secrets/findings HTTP/1.1
Host: api.<YOUR-TENANT-NAME>.nullify.ai
Authorization: Bearer <YOUR-TOKEN>
Accept: */*
Response:
{
  "findings": [
    {
      "author": "text",
      "branch": "text",
      "commit": "text",
      "createdAt": "text",
      "endLine": 1,
      "entropy": 1,
      "fileOwners": [
        {
          "name": "text",
          "type": "text"
        }
      ],
      "filePath": "text",
      "id": "text",
      "installationId": "text",
      "isAllowlisted": true,
      "isArchived": true,
      "isDefaultBranch": true,
      "isFalsePositive": true,
      "isResolved": true,
      "match": "text",
      "owner": "text",
      "ownerType": "text",
      "priorityLabel": "text",
      "priorityOverride": "text",
      "priorityScore": 1,
      "projectId": "text",
      "projectName": "text",
      "redactedSecret": "text",
      "repository": "text",
      "repositoryId": "text",
      "repositoryName": "text",
      "ruleId": "text",
      "scopes": [
        "text"
      ],
      "secretHash": "text",
      "secretType": "text",
      "startLine": 1,
      "tenantId": "text",
      "ticket": {
        "azure": {},
        "github": {
          "issueId": 1,
          "nodeId": "text",
          "number": 1,
          "repositoryName": "text",
          "url": "text"
        },
        "gitlab": {},
        "jira": {
          "issueId": "text",
          "issueKey": "text",
          "url": "text"
        },
        "providerId": "text"
      },
      "timeStamp": "text",
      "timestampUnix": 1,
      "updatedAt": "text"
    }
  ],
  "nextToken": "text",
  "numItems": 1
}
curl -L \
  -H "Accept: application/json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  "https://api.<YOUR-TENANT-NAME>.nullify.ai/secrets/findings?githubOwnerId=1234"
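Because the list holds one entry per secret hash per repository, the same secretHash showing up under several repositories points at a credential reused across them, which widens what has to be rotated. The following is an added example, not Nullify's own code: it filters a findings response down to entries that still need action, ranks them, and reports reused hashes. It assumes that a higher priorityScore means more urgent and that secretHash is comparable across repositories; the function names and sample data are constructed for illustration.

```python
from collections import defaultdict

# Flags from the response schema above that mean "no action needed".
SUPPRESS_FLAGS = ("isResolved", "isAllowlisted", "isFalsePositive", "isArchived")


def _f(fid, repo, secret_hash, score, default_branch, **flags):
    """Build one constructed finding with only the fields this example reads."""
    return {"id": fid, "repositoryName": repo, "secretHash": secret_hash,
            "priorityScore": score, "isDefaultBranch": default_branch,
            "isResolved": False, "isAllowlisted": False,
            "isFalsePositive": False, "isArchived": False, **flags}


# Constructed sample shaped like the /secrets/findings response; values are made up.
SAMPLE_RESPONSE = {
    "findings": [
        _f("f2", "billing", "hash-aaa", 70, False),
        _f("f3", "payments", "hash-bbb", 95, True, isResolved=True),
        _f("f1", "payments", "hash-aaa", 90, True),
        _f("f4", "web", "hash-ccc", 70, True),
        _f("f5", "web", "hash-ddd", 80, True, isAllowlisted=True),
    ],
    "nextToken": "",
    "numItems": 5,
}


def open_findings(resp):
    """Findings still needing action: highest score first, default branch first on ties."""
    live = [f for f in resp.get("findings", [])
            if not any(f.get(flag) for flag in SUPPRESS_FLAGS)]
    return sorted(live, key=lambda f: (-f.get("priorityScore", 0),
                                       not f.get("isDefaultBranch", False),
                                       f["id"]))


def reused_secrets(findings):
    """Map secretHash -> sorted repository names, for hashes seen in 2+ repositories."""
    repos = defaultdict(set)
    for f in findings:
        repos[f["secretHash"]].add(f["repositoryName"])
    return {h: sorted(names) for h, names in repos.items() if len(names) > 1}
```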
Get Secret Findings
This endpoint returns the details of a secret finding.
Returns a given finding.
Query parameters:
The Azure organization ID
The GitHub owner ID
The GitLab group ID
The Nullify installation ID
Request:
GET /secrets/findings/{findingId} HTTP/1.1
Host: api.<YOUR-TENANT-NAME>.nullify.ai
Authorization: Bearer <YOUR-TOKEN>
Accept: */*
Response:
{
  "finding": {
    "aiDevTitle": "text",
    "aiTitle": "text",
    "author": "text",
    "branch": "text",
    "commit": "text",
    "createdAt": "text",
    "description": "text",
    "devDescription": "text",
    "endColumn": 1,
    "endLine": 1,
    "entropy": 1,
    "exploitabilityConfidence": "text",
    "exploitabilityLabel": "text",
    "failedTriage": true,
    "falsePositiveReason": "text",
    "fileOwners": [
      {
        "name": "text",
        "type": "text"
      }
    ],
    "filePath": "text",
    "id": "text",
    "impactConfidence": "text",
    "impactLabel": "text",
    "installationId": "text",
    "isAllowlisted": true,
    "isArchived": true,
    "isDefaultBranch": true,
    "isDuplicate": true,
    "isFalsePositive": true,
    "isResolved": true,
    "match": "text",
    "owner": "text",
    "ownerType": "text",
    "platform": "text",
    "priorityLabel": "text",
    "priorityLabelReason": "text",
    "priorityOverride": "text",
    "priorityScore": 1,
    "projectId": "text",
    "projectName": "text",
    "redactedSecret": "text",
    "repository": "text",
    "repositoryId": "text",
    "repositoryName": "text",
    "ruleId": "text",
    "scanner": "text",
    "scopes": [
      "text"
    ],
    "secretHash": "text",
    "secretType": "text",
    "secretValue": "text",
    "severityConfidence": "text",
    "severityLabel": "text",
    "severityOverride": "text",
    "severityScore": 1,
    "startColumn": 1,
    "startLine": 1,
    "tenantId": "text",
    "ticket": {
      "azure": {},
      "github": {
        "issueId": 1,
        "nodeId": "text",
        "number": 1,
        "repositoryName": "text",
        "url": "text"
      },
      "gitlab": {},
      "jira": {
        "issueId": "text",
        "issueKey": "text",
        "url": "text"
      },
      "providerId": "text"
    },
    "timeStamp": "text",
    "timestampUnix": 1,
    "triageAgentVersion": "text",
    "triageDurationSeconds": 1,
    "triageLangfuseSessionId": "text",
    "triageLangfuseTraceId": "text",
    "triageLlmCostUsd": 1,
    "triageTokenCount": 1,
    "triageTraceId": "text",
    "updatedAt": "text",
    "userId": "text",
    "userNotes": "text",
    "verified": true,
    "verifiedAt": "text"
  },
  "presignedUrl": "text"
}
curl -L \
  -H "Accept: application/json" \
  -H "Authorization: Bearer <YOUR-TOKEN>" \
  "https://api.<YOUR-TENANT-NAME>.nullify.ai/secrets/findings/01J6EEXK3NKYKWW9XTPQYAF41N?githubOwnerId=1234"
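Unlike the list response, this response carries a secretValue field and a presignedUrl, so it should be sanitized before it is written to logs, a SIEM or a ticket. The following is an added example, not Nullify's own code: it drops the sensitive fields and masks any copy of the secret that leaked into other string fields. Treating match and presignedUrl as sensitive is an assumption of this example, and the function name and sample data are constructed.

```python
# Fields removed outright. secretValue is in the schema above; treating
# `match` (finding) and `presignedUrl` (top level) as sensitive is an assumption.
SENSITIVE_FINDING_FIELDS = ("secretValue", "match")

# Constructed sample shaped like the detail response; every value is made up.
SAMPLE_DETAIL = {
    "finding": {
        "id": "finding-0001",
        "filePath": "config/settings.py",
        "match": 'token = "EXAMPLE-SECRET-VALUE-1234"',
        "redactedSecret": "EXAM****",
        "secretHash": "hash-aaa",
        "secretValue": "EXAMPLE-SECRET-VALUE-1234",
        "ticket": {"jira": {"issueKey": "SEC-1", "url": "https://jira.example.invalid/SEC-1"}},
        "userNotes": "rotated? value was EXAMPLE-SECRET-VALUE-1234",
    },
    "presignedUrl": "https://storage.example.invalid/object?sig=constructed",
}


def log_safe(detail):
    """Return a copy of a finding-detail response that is safe to log or forward."""
    finding = dict(detail.get("finding", {}))
    secret = finding.get("secretValue") or ""
    for field in SENSITIVE_FINDING_FIELDS:
        finding.pop(field, None)

    def scrub(value):
        # Mask copies of the raw secret quoted in free-text fields
        # (notes, descriptions), at any nesting depth.
        if isinstance(value, str):
            return value.replace(secret, "[REDACTED]") if secret else value
        if isinstance(value, list):
            return [scrub(v) for v in value]
        if isinstance(value, dict):
            return {k: scrub(v) for k, v in value.items()}
        return value

    # presignedUrl is deliberately not copied into the result.
    return {"finding": scrub(finding)}
```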