This page provides an example of how to search policy violations using Data Theorem’s API. Full description of the Data Theorem’s results API can be found at: https://datatheorem.github.io/PortalApi/api_security_results/overview.html#/
Authentication
Retrieve an API Key that has the permission to start API Secure scans; API keys are available in the Data Theorem portal at https://pr-1593.demotheorem.com/mobile/sdlc/results_api_access .
How to use filter_by_asset_tags
on the policy violations list endpoint
The API endpoint to get policy violations is:GET https://api.securetheorem.com/apis/api_security/results/v1beta1/policy_violations
Optionally, filter_by_asset_tags
can be specified as a query parameter. If used, the expected format is a JSON string containing a dictionary with asset tag key names as dictionary keys and lists of asset tag values as dictionary values.
Example search
filter_by_asset_tags: '{"key_name_1": "key_value_1", "key_value_2": null}'
This example will get policy violations related to assets that have asset tag key/values matching:
key =
key_name_1
and value=key_value_1
key =
key_name_1
and value=key_value_2
key =
key_value_2
and any value
Example with curl
:
curl -g \ --header 'Authorization: APIKey 1234567890abcdefgh=' \ 'https://api.securetheorem.com/apis/api_security/results/v1beta1/policy_violations?filter_by_asset_tags={%22key_name_1%22:%20%22key_value_1%22,%20%22test-vw%22:%20null}'
Example with Python requests
:
import requests response = requests.request( "GET", url="https://api.securetheorem.com/apis/api_security/results/v1beta1/policy_violations", headers={"Authorization": "APIKey 1234567890abcdefgh="}, params={"filter_by_asset_tags": '{"key_name_1": "key_value_1", "key_value_2": null}'}, ) print(response.text)