Skip to main content

OSA

Returns basic scan details for all scans associated with a specified project id

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json;v=2.0"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://***.***.***.***/cxrestapi/help/osa/scans", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}
URL obj = new URL("https://***.***.***.***/cxrestapi/help/osa/scans?projectId=0");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
const headers = {
  'Accept':'application/json;v=2.0',
  'Authorization':'Bearer {access-token}'
};

fetch('https://***.***.***.***/cxrestapi/help/osa/scans?projectId=0',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
import requests
headers = {
  'Accept': 'application/json;v=2.0',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://***.***.***.***/cxrestapi/help/osa/scans', params={
  'projectId': '0'
}, headers = headers)

print(r.json())
require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json;v=2.0',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://***.***.***.***/cxrestapi/help/osa/scans',
  params: {
  'projectId' => 'integer(int64)'
}, headers: headers

p JSON.parse(result)

Parameters

Name

In

Type

Required

Description

projectId

query

integer(int64)

true

Unique Id of the specific project

page

query

integer(int32)

false

Page number (default 1)

itemsPerPage

query

integer(int32)

false

Number of items per page (default 100)

Responses

Status

Meaning

Description

Schema

200

OK

OK

Inline

Response Schema

Status Code 200

Name

Type

Required

Restrictions

Description

anonymous

[Cx.Osa.Application.DTOs.Responses.ScanDtoV2]

false

none

none

» findingsStatus

string

false

none

none

» id

string(uuid)

false

none

none

» startAnalyzeTime

string(date-time)

false

none

none

» endAnalyzeTime

string(date-time)

false

none

none

» origin

string

false

none

none

» sourceCodeOrigin

string

false

none

none

» state

Cx.Osa.Application.DTOs.StateDTO

false

none

none

»» id

integer(int32)

false

none

none

»» name

string

false

none

none

»» failureReason

string

false

none

none

» sharedSourceLocationPaths

[string]

false

none

none

To perform this operation, you must be authenticated by means of one of the following methods: Bearer ( Scopes: sast_api )

Creates a new scan request

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Content-Type": []string{"multipart/form-data"},
        "Accept": []string{"application/json"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("POST", "https://***.***.***.***/cxrestapi/help/osa/scans", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}
URL obj = new URL("https://***.***.***.***/cxrestapi/help/osa/scans");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("POST");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
const inputBody = '{
  "projectId": 0,
  "origin": "string",
  "zippedSource": "string"
}';
const headers = {
  'Content-Type':'multipart/form-data',
  'Accept':'application/json',
  'Authorization':'Bearer {access-token}'
};

fetch('https://***.***.***.***/cxrestapi/help/osa/scans',
{
  method: 'POST',
  body: inputBody,
  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
import requests
headers = {
  'Content-Type': 'multipart/form-data',
  'Accept': 'application/json',
  'Authorization': 'Bearer {access-token}'
}

r = requests.post('https://***.***.***.***/cxrestapi/help/osa/scans', headers = headers)

print(r.json())
require 'rest-client'
require 'json'

headers = {
  'Content-Type' => 'multipart/form-data',
  'Accept' => 'application/json',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.post 'https://***.***.***.***/cxrestapi/help/osa/scans',
  params: {
  }, headers: headers

p JSON.parse(result)
Body parameter
projectId: 0
origin: string
zippedSource: string

Parameters

Name

In

Type

Required

Description

body

body

object

false

none

» projectId

body

integer

false

The Project Id associated with requested scan

» origin

body

string

false

The location from which scan was requested (if not specified (Portal) will be selected)

» zippedSource

body

string(binary)

false

Zipped source code to scan

Responses

Status

Meaning

Description

Schema

202

Accepted

Accepted

Cx.Osa.Presentation.DTOs.NewDTOs.NewScanResponseDTO

400

Bad Request

Bad Request

None

To perform this operation, you must be authenticated by means of one of the following methods: Bearer ( Scopes: sast_api )

{
  "scanId": "00000000-0000-0000-0000-000000000000"
}

Returns basic scan details for a specified scan

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json;v=2.0"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://***.***.***.***/cxrestapi/help/osa/scans/{scanId}", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}
URL obj = new URL("https://***.***.***.***/cxrestapi/help/osa/scans/{scanId}");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
const headers = {
  'Accept':'application/json;v=2.0',
  'Authorization':'Bearer {access-token}'
};

fetch('https://***.***.***.***/cxrestapi/help/osa/scans/{scanId}',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
import requests
headers = {
  'Accept': 'application/json;v=2.0',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://***.***.***.***/cxrestapi/help/osa/scans/{scanId}', headers = headers)

print(r.json())
require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json;v=2.0',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://***.***.***.***/cxrestapi/help/osa/scans/{scanId}',
  params: {
  }, headers: headers

p JSON.parse(result)

Parameters

Name

In

Type

Required

Description

scanId

path

string(uuid)

true

Unique ID of the specific scan

Responses

Status

Meaning

Description

Schema

200

OK

OK

Cx.Osa.Application.DTOs.Responses.ScanDtoV2

To perform this operation, you must be authenticated by means of one of the following methods: Bearer ( Scopes: sast_api )

Returns all the used libraries for the specified scan Id

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json;v=2.0"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://***.***.***.***/cxrestapi/help/osa/libraries", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}
URL obj = new URL("https://***.***.***.***/cxrestapi/help/osa/libraries?scanId=497f6eca-6276-4993-bfeb-53cbbbba6f08");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
const headers = {
  'Accept':'application/json;v=2.0',
  'Authorization':'Bearer {access-token}'
};

fetch('https://***.***.***.***/cxrestapi/help/osa/libraries?scanId=497f6eca-6276-4993-bfeb-53cbbbba6f08',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
import requests
headers = {
  'Accept': 'application/json;v=2.0',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://***.***.***.***/cxrestapi/help/osa/libraries', params={
  'scanId': '497f6eca-6276-4993-bfeb-53cbbbba6f08'
}, headers = headers)

print(r.json())
require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json;v=2.0',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://***.***.***.***/cxrestapi/help/osa/libraries',
  params: {
  'scanId' => 'string(uuid)'
}, headers: headers

p JSON.parse(result)

Parameters

Name

In

Type

Required

Description

scanId

query

string(uuid)

true

Unique Id of the specific scan

page

query

integer(int32)

false

Page number (default 1)

itemsPerPage

query

integer(int32)

false

Number of items per page (default 100)

Responses

Status

Meaning

Description

Schema

200

OK

none

Inline

Response Schema

Status Code 200

Name

Type

Required

Restrictions

Description

anonymous

[Cx.Osa.Application.DTOs.Responses.V2.ScannedLibraryDTO]

false

none

[Library DTO]

» id

string

false

none

Library ID

» name

string

false

none

Library Name

» version

string

false

none

Library Version

» releaseDate

string(date-time)

false

none

Library Release date of the current version

» highUniqueVulnerabilityCount

integer(int32)

false

none

Number of high vulnerabilities

» mediumUniqueVulnerabilityCount

integer(int32)

false

none

Number of medium vulnerabilities

» lowUniqueVulnerabilityCount

integer(int32)

false

none

Number of low vulnerabilities

» notExploitableVulnerabilityCount

integer(int32)

false

none

Number of not exploitable vulnerabilities

» newestVersion

string

false

none

Newest version (if no newest version exists, then this field will remain empty)

» newestVersionReleaseDate

string(date-time)

false

none

Release date of newest version (if no newest version exists, then this field will contain 1970/1/1)

» numberOfVersionsSinceLastUpdate

integer(int32)

false

none

Number of newer versions (if no newest version exists, then this field will be 0)

» confidenceLevel

integer(int32)

false

none

The confidence level about the provided result

» matchType

Cx.Osa.Application.DTOs.MatchTypeDto

false

none

none

»» id

integer(int32)

false

read-only

none

»» name

string

false

read-only

none

»» description

string

false

read-only

none

» licenses

[string]

false

none

Collection of legal licenses id

» outdated

boolean

false

none

Indicate whether this library outdated

» severity

Cx.Osa.Application.DTOs.SeverityDTO

false

none

none

»» id

integer(int32)

false

none

none

»» name

string

false

none

none

» riskScore

number(double)

false

none

Library risk score based on highest vulnerability risk score

» locations

[Cx.Osa.Application.DTOs.Responses.LibraryLocationDto]

false

none

Library locations and their match-type

»» path

string

false

read-only

none

»» matchType

Cx.Osa.Application.DTOs.MatchTypeDto

false

none

none

To perform this operation, you must be authenticated by means of one of the following methods: Bearer ( Scopes: sast_api )

Returns all the vulnerabilities for the specified scan Id. Each vulnerability returned is unique to its library or file.

package main

import (
       "bytes"
       "net/http"
)

func main() {

    headers := map[string][]string{
        "Accept": []string{"application/json;v=2.0"},
        "Authorization": []string{"Bearer {access-token}"},
    }

    data := bytes.NewBuffer([]byte{jsonReq})
    req, err := http.NewRequest("GET", "https://***.***.***.***/cxrestapi/help/osa/vulnerabilities", data)
    req.Header = headers

    client := &http.Client{}
    resp, err := client.Do(req)
    // ...
}
URL obj = new URL("https://***.***.***.***/cxrestapi/help/osa/vulnerabilities?scanId=497f6eca-6276-4993-bfeb-53cbbbba6f08");
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
con.setRequestMethod("GET");
int responseCode = con.getResponseCode();
BufferedReader in = new BufferedReader(
    new InputStreamReader(con.getInputStream()));
String inputLine;
StringBuffer response = new StringBuffer();
while ((inputLine = in.readLine()) != null) {
    response.append(inputLine);
}
in.close();
System.out.println(response.toString());
const headers = {
  'Accept':'application/json;v=2.0',
  'Authorization':'Bearer {access-token}'
};

fetch('https://***.***.***.***/cxrestapi/help/osa/vulnerabilities?scanId=497f6eca-6276-4993-bfeb-53cbbbba6f08',
{
  method: 'GET',

  headers: headers
})
.then(function(res) {
    return res.json();
}).then(function(body) {
    console.log(body);
});
import requests
headers = {
  'Accept': 'application/json;v=2.0',
  'Authorization': 'Bearer {access-token}'
}

r = requests.get('https://***.***.***.***/cxrestapi/help/osa/vulnerabilities', params={
  'scanId': '497f6eca-6276-4993-bfeb-53cbbbba6f08'
}, headers = headers)

print(r.json())
require 'rest-client'
require 'json'

headers = {
  'Accept' => 'application/json;v=2.0',
  'Authorization' => 'Bearer {access-token}'
}

result = RestClient.get 'https://***.***.***.***/cxrestapi/help/osa/vulnerabilities',
  params: {
  'scanId' => 'string(uuid)'
}, headers: headers

p JSON.parse(result)

Parameters

Name

In

Type

Required

Description

scanId

query

string(uuid)

true

Unique Id of the specific scan

page

query

integer(int32)

false

Page number

itemsPerPage

query

integer(int32)

false

Amount of items returned by the request

libraryId

query

array[string]

false

Filter by library Ids

stateId

query

array[integer]

false

Filter by state Ids

comment

query

string

false

Filter by a comment containing the text

since

query

integer(int64)

false

Filter not erlier that the given unix-timestamp value

until

query

integer(int64)

false

Filter not after the given unix-timestamp value

Responses

Status

Meaning

Description

Schema

200

OK

none

Inline

Response Schema

Status Code 200

Name

Type

Required

Restrictions

Description

anonymous

[Cx.Osa.Application.DTOs.Responses.V2.VulnerabilityDto]

false

none

none

» id

string

false

none

none

» cveName

string

false

none

none

» score

number(float)

false

none

none

» severity

Cx.Osa.Application.DTOs.SeverityDTO

false

none

none

»» id

integer(int32)

false

none

none

»» name

string

false

none

none

» publishDate

string(date-time)

false

none

none

» url

string

false

none

none

» description

string

false

none

none

» recommendations

string

false

none

none

» sourceFileName

string

false

none

none

» libraryId

string

false

none

none

» state

Cx.Osa.Application.DTOs.Responses.VulnerabilityStateDto

false

none

none

»» id

integer(int32)

false

read-only

none

»» actionType

string

false

read-only

none

»» name

string

false

read-only

none

» commentsAmount

integer(int32)

false

none

none

» similarityId

string

false

none

none

» fixUrl

string

false

none

none

To perform this operation, you must be authenticated by means of one of the following methods: Bearer ( Scopes: sast_api )