This page provides an example of how to search policy violations using Data Theorem’s API. Full description of the Data Theorem’s results API can be found at: https://datatheorem.github.io/PortalApi/api_security_results/overview.html#/
Authentication
Retrieve an API Key that has the permission to start API Secure scans; API keys are available in the Data Theorem portal at https://pr-1593.demotheorem.com/mobile/sdlc/results_api_access .
How to use filter_by_asset_tags on the policy violations list endpoint
The API endpoint to get policy violations is:GET https://api.securetheorem.com/apis/api_security/results/v1beta1/policy_violations
Optionally, filter_by_asset_tags can be specified as a query parameter. If used, the expected format is a JSON string containing a dictionary with asset tag key names as dictionary keys and lists of asset tag values as dictionary values.
Example search
filter_by_asset_tags: '{"key_name_1": ["key_value_1", "key_value_2"], "key_value_2": null}'
This example will get policy violations related to assets that have asset tag key/values matching:
key =
key_name_1and value=key_value_1key =
key_name_1and value=key_value_2key =
key_value_2and any value
Example with curl:
curl -g \
--header 'Authorization: APIKey 1234567890abcdefgh=' \
'https://api.securetheorem.com/apis/api_security/results/v1beta1/policy_violations?filter_by_asset_tags={%22key_name_1%22:%20[%22key_value_1%22,%20%22key_value_2%22],%20%22test-vw%22:%20null}'
Example with Python requests:
import requests
response = requests.request(
"GET",
url="https://api.securetheorem.com/apis/api_security/results/v1beta1/policy_violations",
headers={"Authorization": "APIKey 1234567890abcdefgh="},
params={"filter_by_asset_tags": '{"key_name_1": ["key_value_1", "key_value_2"], "key_value_2": null}'},
)
print(response.text)