LogoLogo
Book a Demo
  • Introduction
  • Getting Started
    • Install
    • Configuration - General
    • Configuration - Code
    • Configuration - Dependencies
    • Configuration - Containers
    • Configuration - Secrets
    • Configuration - Attack Surface Monitoring
  • Features
    • Code Scanning
      • Custom Rules
      • Supported Languages
    • Dependency Scanning
      • Supported Package Managers
    • Secrets Scanning
      • Supported Secret Types
      • Confidential Information
    • Web App Penetration Testing
      • Quickstart
      • Supported Applications
      • Apps in Private Networks
      • Custom Rules
    • Orchestration
  • Integrations
    • GitHub
      • Repository Issue Dashboards
    • Bitbucket
      • Repository Dashboards
    • Slack
      • Install
    • Jira
      • Install
      • Configuration
      • Assignee
      • Priorities
      • Manual Ticket Creation
    • AWS
      • Prerequisites
      • Configuration
  • API Reference
    • Nullify API
      • Authentication
      • Pagination
      • Admin
      • Code Scanning (SAST)
      • Dependency Scanning (SCA)
      • Secrets Scanning
      • Dynamic Scanning (DAST)
  • Enterprise Tier
    • GitHub Install
    • Azure DevOps Install
  • More Info
    • About Us
    • Latest Updates
    • Security
    • Data Handling Policy
Powered by GitBook

© 2023 Nullify | All Rights Reserved.

On this page

Was this helpful?

  1. API Reference
  2. Nullify API

Secrets Scanning

Use the REST API to query secrets detection metrics

PreviousDependency Scanning (SCA)NextDynamic Scanning (DAST)

Last updated 1 month ago

Was this helpful?

Table of Contents

Introduction

The Secrets API provides a RESTful interface for querying various metrics related to findings and events. It offers endpoints to retrieve information about secret findings, events, and counts.

Base URL

All API endpoints are accessed through the base URL: https://api.<YOUR-TENANT-NAME>.nullify.ai

Replace <YOUR-TENANT-NAME> with your organization's tenant name. For example, if your tenant name is "acme", the base URL would be https://api.acme.nullify.ai.

Get Secret Events

This endpoint returns the list of events that have occurred related to dependency findings.

Event types:

  • new-finding

  • new-findings

  • new-allowlisted-finding

  • new-allowlisted-findings

curl -L \
    -H "Accept: application/json" \
    -H "Authorization: Bearer <YOUR-TOKEN>" \
    https://api.<YOUR-TENANT-NAME>.nullify.ai/secrets/events?githubOwnerId=1234

List Secrets Findings

This endpoint returns the list of current secrets in the repository.

curl -L \
   -H "Accept: application/json" \
   -H "Authorization: Bearer <YOUR-TOKEN>" \
   https://api.<YOUR-TENANT-NAME>.nullify.ai/secrets/findings?githubOwnerId=1234

Get Secret Findings

This endpoint returns the details of a secret finding.

curl -L \
   -H "Accept: application/json" \
   -H "Authorization: Bearer <YOUR-TOKEN>" \
   https://api.<YOUR-TENANT-NAME>.nullify.ai/secrets/findings/01J6EEXK3NKYKWW9XTPQYAF41N?githubOwnerId=1234
Secrets detection
Introduction
Base URL
Endpoints
Get Secret Events
List Secrets Findings
Get Secrets Finding

Get Secret Events

get

Returns events after a specified timestamp or event ID. All events are returned if no timestamp or event ID is provided

Query parameters
nextTokenstringOptional
limitintegerOptional
branchstringOptional
fromTimestringOptional
numItemsintegerOptional
eventTypestring[]Optional
fileOwnerNamestring[]Optional
sortstringOptional
azureOrganizationIdstringOptional

The Azure organization ID

githubOwnerIdintegerOptional

The Github owner ID

gitlabGroupIdintegerOptional

The GitLab group ID

installationIdstringOptional

The Nullify installation ID

azureRepositoryIdstring[]Optional
githubRepositoryIdinteger[]Optional
githubTeamIdintegerOptional
Responses
200
OK
application/json
400
Bad Request
application/json
403
Forbidden
application/json
500
Internal Server Error
application/json
get
GET /secrets/events HTTP/1.1
Host: api.<YOUR-TENANT>.nullify.com
Accept: */*
{
  "events": [
    {
      "data": null,
      "id": "text",
      "time": "text",
      "timestampUnix": 1,
      "type": "text"
    }
  ],
  "nextToken": "text",
  "numItems": 1
}

Get Secrets Findings

get

Returns a filtered set of Secrets findings based on query parameters. One unique secret hash per repository.

Query parameters
nextTokenstringOptional
limitintegerOptional
branchstring | nullableOptional
secretTypestring | nullableOptional
isAllowlistedboolean | nullableOptional
fileOwnerNamestring[]Optional
isResolvedboolean | nullableOptional
sortBystringOptional
sortstringOptional
azureOrganizationIdstringOptional

The Azure organization ID

githubOwnerIdintegerOptional

The Github owner ID

gitlabGroupIdintegerOptional

The GitLab group ID

installationIdstringOptional

The Nullify installation ID

azureRepositoryIdstring[]Optional
githubRepositoryIdinteger[]Optional
githubTeamIdintegerOptional
Responses
200
OK
application/json
400
Bad Request
application/json
403
Forbidden
application/json
500
Internal Server Error
application/json
get
GET /secrets/findings HTTP/1.1
Host: api.<YOUR-TENANT>.nullify.com
Accept: */*
{
  "findings": [
    {
      "author": "text",
      "branch": "text",
      "commit": "text",
      "createdAt": "text",
      "endLine": 1,
      "entropy": 1,
      "fileOwners": [
        {
          "name": "text",
          "type": "text"
        }
      ],
      "filePath": "text",
      "id": "text",
      "installationId": "text",
      "isAllowlisted": true,
      "isArchived": true,
      "isDefaultBranch": true,
      "isFalsePositive": true,
      "isResolved": true,
      "match": "text",
      "owner": "text",
      "ownerType": "text",
      "priorityLabel": "text",
      "priorityOverride": "text",
      "priorityScore": 1,
      "projectId": "text",
      "projectName": "text",
      "redactedSecret": "text",
      "repository": "text",
      "repositoryId": "text",
      "repositoryName": "text",
      "ruleId": "text",
      "scopes": [
        "text"
      ],
      "secretHash": "text",
      "secretType": "text",
      "startLine": 1,
      "tenantId": "text",
      "ticket": {
        "azure": {},
        "github": {
          "issueId": 1,
          "nodeId": "text",
          "number": 1,
          "repositoryName": "text",
          "url": "text"
        },
        "gitlab": {},
        "jira": {
          "issueId": "text",
          "issueKey": "text",
          "url": "text"
        },
        "providerId": "text"
      },
      "timeStamp": "text",
      "timestampUnix": 1,
      "updatedAt": "text"
    }
  ],
  "nextToken": "text",
  "numItems": 1
}

Get Finding

get

Returns a given finding

Path parameters
findingIdstringRequired
Query parameters
azureOrganizationIdstringOptional

The Azure organization ID

githubOwnerIdintegerOptional

The Github owner ID

gitlabGroupIdintegerOptional

The GitLab group ID

installationIdstringOptional

The Nullify installation ID

azureRepositoryIdstring[]Optional
githubRepositoryIdinteger[]Optional
githubTeamIdintegerOptional
Responses
200
OK
application/json
400
Bad Request
application/json
403
Forbidden
application/json
404
Not Found
application/json
500
Internal Server Error
application/json
get
GET /secrets/findings/{findingId} HTTP/1.1
Host: api.<YOUR-TENANT>.nullify.com
Accept: */*
{
  "finding": {
    "aiDevTitle": "text",
    "aiTitle": "text",
    "author": "text",
    "branch": "text",
    "commit": "text",
    "createdAt": "text",
    "description": "text",
    "devDescription": "text",
    "endColumn": 1,
    "endLine": 1,
    "entropy": 1,
    "exploitabilityConfidence": "text",
    "exploitabilityLabel": "text",
    "failedTriage": true,
    "falsePositiveReason": "text",
    "fileOwners": [
      {
        "name": "text",
        "type": "text"
      }
    ],
    "filePath": "text",
    "id": "text",
    "impactConfidence": "text",
    "impactLabel": "text",
    "installationId": "text",
    "isAllowlisted": true,
    "isArchived": true,
    "isDefaultBranch": true,
    "isDuplicate": true,
    "isFalsePositive": true,
    "isResolved": true,
    "match": "text",
    "owner": "text",
    "ownerType": "text",
    "platform": "text",
    "priorityLabel": "text",
    "priorityLabelReason": "text",
    "priorityOverride": "text",
    "priorityScore": 1,
    "projectId": "text",
    "projectName": "text",
    "redactedSecret": "text",
    "repository": "text",
    "repositoryId": "text",
    "repositoryName": "text",
    "ruleId": "text",
    "scanner": "text",
    "scopes": [
      "text"
    ],
    "secretHash": "text",
    "secretType": "text",
    "secretValue": "text",
    "severityConfidence": "text",
    "severityLabel": "text",
    "severityOverride": "text",
    "severityScore": 1,
    "startColumn": 1,
    "startLine": 1,
    "tenantId": "text",
    "ticket": {
      "azure": {},
      "github": {
        "issueId": 1,
        "nodeId": "text",
        "number": 1,
        "repositoryName": "text",
        "url": "text"
      },
      "gitlab": {},
      "jira": {
        "issueId": "text",
        "issueKey": "text",
        "url": "text"
      },
      "providerId": "text"
    },
    "timeStamp": "text",
    "timestampUnix": 1,
    "triageAgentVersion": "text",
    "triageDurationSeconds": 1,
    "triageLangfuseSessionId": "text",
    "triageLangfuseTraceId": "text",
    "triageLlmCostUsd": 1,
    "triageTokenCount": 1,
    "triageTraceId": "text",
    "updatedAt": "text",
    "userId": "text",
    "userNotes": "text",
    "verified": true,
    "verifiedAt": "text"
  },
  "presignedUrl": "text"
}
  • Table of Contents
  • Introduction
  • Base URL
  • Get Secret Events
  • GETGet Secret Events
  • List Secrets Findings
  • GETGet Secrets Findings
  • Get Secret Findings
  • GETGet Finding