Skip to main content

OSA

Returns basic scan details for all scans associated with a specified project id

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json;v=1.0"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://***.***.***.***/cxrestapi/help/osa/scans", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}
URL obj = new URL("https://***.***.***.***/cxrestapi/help/osa/scans?projectId=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
const headers = {
  'Accept':'application/json;v=1.0',
  'Authorization':'Bearer {access-token}'
};

fetch('https://***.***.***.***/cxrestapi/help/osa/scans?projectId=0',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
import requests
headers = {
  'Accept': 'application/json;v=1.0',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://***.***.***.***/cxrestapi/help/osa/scans', params={
  'projectId': '0'
}, headers = headers)

print(r.json())
require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json;v=1.0',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://***.***.***.***/cxrestapi/help/osa/scans',
  params: {
  'projectId' => 'integer(int64)'
}, headers: headers

p JSON.parse(result)

Parameters

Name

In

Type

Required

Description

projectId

query

integer(int64)

true

Unique Id of the specific project

page

query

integer(int32)

false

Page number (default 1)

itemsPerPage

query

integer(int32)

false

Number of items per page (default 100)

Responses

Status

Meaning

Description

Schema

200

OK

OK

Inline

Response Schema

Status Code 200

Name

Type

Required

Restrictions

Description

anonymous

[Cx.Osa.Application.DTOs.BasicScanDTO]

false

none

none

» id

string(uuid)

false

none

none

» startAnalyzeTime

string(date-time)

false

none

none

» endAnalyzeTime

string(date-time)

false

none

none

» origin

string

false

none

none

» sourceCodeOrigin

string

false

none

none

» state

Cx.Osa.Application.DTOs.StateDTO

false

none

none

»» id

integer(int32)

false

none

none

»» name

string

false

none

none

»» failureReason

string

false

none

none

» sharedSourceLocationPaths

[string]

false

none

none

To perform this operation, you must be authenticated by means of one of the following methods: Bearer ( Scopes: sast_api )

Creates a new scan request

TEST

import requests
headers = {
  'Content-Type': 'multipart/form-data',
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://***.***.***.***/cxrestapi/help/osa/scans', headers = headers)

print(r.json())
package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"multipart/form-data"},
        "Accept": []string{"application/json"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://***.***.***.***/cxrestapi/help/osa/scans", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}
URL obj = new URL("https://***.***.***.***/cxrestapi/help/osa/scans");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
const inputBody = '{
  "projectId": 0,
  "origin": "string",
  "zippedSource": "string"
}';
const headers = {
  'Content-Type':'multipart/form-data',
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('https://***.***.***.***/cxrestapi/help/osa/scans',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
import requests
headers = {
  'Content-Type': 'multipart/form-data',
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://***.***.***.***/cxrestapi/help/osa/scans', headers = headers)

print(r.json())
import requests
headers = {
  'Content-Type': 'multipart/form-data',
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://***.***.***.***/cxrestapi/help/osa/scans', headers = headers)

print(r.json())
require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'multipart/form-data',
  'Accept' => 'application/json',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://***.***.***.***/cxrestapi/help/osa/scans',
  params: {
  }, headers: headers

p JSON.parse(result)
Body parameter
projectId: 0
origin: string
zippedSource: string

Parameters

Name

In

Type

Required

Description

body

body

object

false

none

» projectId

body

integer

false

The Project Id associated with requested scan

» origin

body

string

false

The location from which scan was requested (if not specified (Portal) will be selected)

» zippedSource

body

string(binary)

false

Zipped source code to scan

Responses

Status

Meaning

Description

Schema

202

Accepted

Accepted

Cx.Osa.Presentation.DTOs.NewDTOs.NewScanResponseDTO

400

Bad Request

Bad Request

None

To perform this operation, you must be authenticated by means of one of the following methods: Bearer ( Scopes: sast_api )

{
  "scanId": "00000000-0000-0000-0000-000000000000"
}

Get all supported Open Source file extensions

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"text/plain;v=1.0"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://***.***.***.***/cxrestapi/help/osa/fileextensions", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}
URL obj = new URL("https://***.***.***.***/cxrestapi/help/osa/fileextensions");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
const headers = {
  'Accept':'text/plain;v=1.0',
  'Authorization':'Bearer {access-token}'
};

fetch('https://***.***.***.***/cxrestapi/help/osa/fileextensions',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
import requests
headers = {
  'Accept': 'text/plain;v=1.0',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://***.***.***.***/cxrestapi/help/osa/fileextensions', headers = headers)

print(r.json())
require 'rest-client'
require 'json'

headers = {
  'Accept' => 'text/plain;v=1.0',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://***.***.***.***/cxrestapi/help/osa/fileextensions',
  params: {
  }, headers: headers

p JSON.parse(result)

Responses

Status

Meaning

Description

Schema

200

OK

OK

string

To perform this operation, you must be authenticated by means of one of the following methods: Bearer ( Scopes: sast_api )

"string"

Returns basic scan details for a specified scan

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json;v=1.0"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://***.***.***.***/cxrestapi/help/osa/scans/{scanId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}
URL obj = new URL("https://***.***.***.***/cxrestapi/help/osa/scans/{scanId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
const headers = {
  'Accept':'application/json;v=1.0',
  'Authorization':'Bearer {access-token}'
};

fetch('https://***.***.***.***/cxrestapi/help/osa/scans/{scanId}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
import requests
headers = {
  'Accept': 'application/json;v=1.0',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://***.***.***.***/cxrestapi/help/osa/scans/{scanId}', headers = headers)

print(r.json())
require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json;v=1.0',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://***.***.***.***/cxrestapi/help/osa/scans/{scanId}',
  params: {
  }, headers: headers

p JSON.parse(result)

Parameters

Name

In

Type

Required

Description

scanId

path

string(uuid)

true

Unique ID of the specific scan

Responses

Status

Meaning

Description

Schema

200

OK

OK

Cx.Osa.Application.DTOs.BasicScanDTO

To perform this operation, you must be authenticated by means of one of the following methods: Bearer ( Scopes: sast_api )

Returns the licenses associated with the given scan request

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json;v=1.0"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://***.***.***.***/cxrestapi/help/osa/licenses", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}
URL obj = new URL("https://***.***.***.***/cxrestapi/help/osa/licenses?scanId=497f6eca-6276-4993-bfeb-53cbbbba6f08");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
const headers = {
  'Accept':'application/json;v=1.0',
  'Authorization':'Bearer {access-token}'
};

fetch('https://***.***.***.***/cxrestapi/help/osa/licenses?scanId=497f6eca-6276-4993-bfeb-53cbbbba6f08',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
import requests
headers = {
  'Accept': 'application/json;v=1.0',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://***.***.***.***/cxrestapi/help/osa/licenses', params={
  'scanId': '497f6eca-6276-4993-bfeb-53cbbbba6f08'
}, headers = headers)

print(r.json())
require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json;v=1.0',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://***.***.***.***/cxrestapi/help/osa/licenses',
  params: {
  'scanId' => 'string(uuid)'
}, headers: headers

p JSON.parse(result)

Parameters

Name

In

Type

Required

Description

scanId

query

string(uuid)

true

Unique ID of the specific scan

Responses

Status

Meaning

Description

Schema

200

OK

OK

Inline

Response Schema

Status Code 200

Name

Type

Required

Restrictions

Description

anonymous

[Cx.Osa.Application.DTOs.OsaLicenseDto]

false

none

none

» id

string

false

read-only

The Id of the open source license

» name

string

false

read-only

License name

» riskLevel

string

false

read-only

License risk level (Low, Medium, High, Unknown)

» copyrightRiskScore

integer(int32)

false

read-only

The risk of infringing the license copyrights

» patentRiskScore

integer(int32)

false

read-only

The risk of infringing patents

» copyLeft

string

false

read-only

Status of copy-left licensing

» linking

string

false

read-only

The influent of the license on linked code

» royalityFree

string

false

read-only

Whether or not this license is royality-free

» referenceType

string

false

read-only

License description url

» reference

string

false

read-only

none

» url

string

false

read-only

none

To perform this operation, you must be authenticated by means of one of the following methods: Bearer ( Scopes: sast_api )

Returns a list of comments associated with the instances of the given vulnerability

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json;v=1.0"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://***.***.***.***/cxrestapi/help/osa/vulnerabilities/{vulnerabilityId}/comments", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}
URL obj = new URL("https://***.***.***.***/cxrestapi/help/osa/vulnerabilities/{vulnerabilityId}/comments?projectId=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
const headers = {
  'Accept':'application/json;v=1.0',
  'Authorization':'Bearer {access-token}'
};

fetch('https://***.***.***.***/cxrestapi/help/osa/vulnerabilities/{vulnerabilityId}/comments?projectId=0',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
import requests
headers = {
  'Accept': 'application/json;v=1.0',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://***.***.***.***/cxrestapi/help/osa/vulnerabilities/{vulnerabilityId}/comments', params={
  'projectId': '0'
}, headers = headers)

print(r.json())
require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json;v=1.0',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://***.***.***.***/cxrestapi/help/osa/vulnerabilities/{vulnerabilityId}/comments',
  params: {
  'projectId' => 'integer(int64)'
}, headers: headers

p JSON.parse(result)

Parameters

Name

In

Type

Required

Description

vulnerabilityId

path

string

true

Unique Id of the specific scanned vulnerability

projectId

query

integer(int64)

true

Unique Id of the specific project

Responses

Status

Meaning

Description

Schema

200

OK

none

Cx.Osa.Application.DTOs.Responses.VulnerabilityCommentDto

To perform this operation, you must be authenticated by means of one of the following methods: Bearer ( Scopes: sast_api )

Returns all the vulnerabilities for the specified scan Id. Each vulnerability returned is unique to its library or file.

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json;v=1.0"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://***.***.***.***/cxrestapi/help/osa/vulnerabilities", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}
URL obj = new URL("https://***.***.***.***/cxrestapi/help/osa/vulnerabilities?scanId=497f6eca-6276-4993-bfeb-53cbbbba6f08");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
const headers = {
  'Accept':'application/json;v=1.0',
  'Authorization':'Bearer {access-token}'
};

fetch('https://***.***.***.***/cxrestapi/help/osa/vulnerabilities?scanId=497f6eca-6276-4993-bfeb-53cbbbba6f08',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
import requests
headers = {
  'Accept': 'application/json;v=1.0',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://***.***.***.***/cxrestapi/help/osa/vulnerabilities', params={
  'scanId': '497f6eca-6276-4993-bfeb-53cbbbba6f08'
}, headers = headers)

print(r.json())
require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json;v=1.0',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://***.***.***.***/cxrestapi/help/osa/vulnerabilities',
  params: {
  'scanId' => 'string(uuid)'
}, headers: headers

p JSON.parse(result)

Parameters

Name

In

Type

Required

Description

scanId

query

string(uuid)

true

Unique Id of the specific scan

page

query

integer(int32)

false

Page number

itemsPerPage

query

integer(int32)

false

Amount of items returned by the request

libraryId

query

array[string]

false

Filter by library Ids

stateId

query

array[integer]

false

Filter by state Ids

comment

query

string

false

Filter by a comment containing the text

since

query

integer(int64)

false

Filter not erlier that the given unix-timestamp value

until

query

integer(int64)

false

Filter not after the given unix-timestamp value

Responses

Status

Meaning

Description

Schema

200

OK

none

Inline

Response Schema

Status Code 200

Name

Type

Required

Restrictions

Description

anonymous

[Cx.Osa.Application.DTOs.Responses.V1.VulnerabilityDTO]

false

none

none

» id

string

false

none

none

» cveName

string

false

none

none

» score

number(float)

false

none

none

» severity

Cx.Osa.Application.DTOs.SeverityDTO

false

none

none

»» id

integer(int32)

false

none

none

»» name

string

false

none

none

» publishDate

string(date-time)

false

none

none

» url

string

false

none

none

» description

string

false

none

none

» recommendations

string

false

none

none

» sourceFileName

string

false

none

none

» libraryId

string

false

none

none

» state

Cx.Osa.Application.DTOs.Responses.VulnerabilityStateDto

false

none

none

»» id

integer(int32)

false

read-only

none

»» actionType

string

false

read-only

none

»» name

string

false

read-only

none

» commentsAmount

integer(int32)

false

none

none

» similarityId

string

false

none

none

To perform this operation, you must be authenticated by means of one of the following methods: Bearer ( Scopes: sast_api )