Secure Application APIs
This page describes the Secure Application API methods you can use to query parameters, dashboards, and security reports of your choice.
API Rate Limits
Generate Access Tokens
You can generate access tokens for each API access call into your Controller by generating the token through the OAuth API.
Example of endpoint usage:
curl -X GET 'https://<controller address>/controller/argento/public-api/v1/applications' \
--header 'Authorization: Bearer <your-token-from-ouath-above>'Get Application List
Retrieve a paginated list of applications with optional SCIM filtering and sorting capabilities. Returns application details including security status, agent counts, and metadata.
GET controller/argento/public-api/v1/applicationsParameters
| Name | Type | Description |
|---|---|---|
date (query parameter) | string |
Date and time in RFC3339 format for temporal filtering. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Supports UTC and local timezone offsets. Examples: |
max (query parameter) | integer |
Maximum number of items to return per page. Must be a valid integer. Default: |
offset (query parameter) | integer |
Number of items to skip for pagination. Must be a valid integer. Default: |
sort (query parameter) | string |
Field name to sort results by. Available fields: Example: |
order (query parameter) | string |
Sort order for results. Must be Default: |
filter (query parameter) | string | SCIM filter expression for result filtering as defined in RFC 7644. Supports operators: "applicationName eq MyApp", "applicationSecurityEnabled eq true", "applicationName co web"
|
applicationId (query parameter) | integer |
Global application filter to restrict output to one application only. Use appdApplicationId value from response. Use value of the field |
Responses
- Code 200
-
Successfully retrieval of applications list:
{ "items": [ { "appdApplicationId": 0, "applicationCreatedAt": "string", "applicationId": "string", "applicationName": "string", "applicationSecurityEnabled": true, "applicationSecurityEnabledComputed": true, "countApmActive": 0, "countReady": 0, "countSecured": 0, "countSecurityEnabled": 0, "countSupportedAgent": 0 } ], "total": 0 } - Code 400
-
Bad request: Invalid query parameters, malformed SCIM filter expression, or validation error:
{ "error": "string" } - Code 500
-
Internal server error:
{ "error": "string" }
Get Application Tiers
Retrieve a paginated list of tiers for a specific application with optional SCIM filtering and sorting capabilities. Returns tier details including security status, agent counts, and metadata.
GET controller/argento/public-api/v1/applications/{applicationId}/tiersParameters
| Name | Type | Description |
|---|---|---|
applicationId (path parameter) | string |
Application ID (UUID format) to retrieve tiers for. Must be a valid UUID. |
date (query parameter) | string |
Date and time in RFC3339 format for temporal filtering. Supports both UTC and local timezone offsets. Examples: UTC: |
max (query parameter) | integer |
Maximum number of items to return per page. Must be a valid integer. Default: |
offset (query parameter) | integer |
Number of items to skip for pagination. Must be a valid integer. Default: |
sort (query parameter) | string |
Field name to sort results by. Available fields: Example: |
order (query parameter) | string |
Sort order for results. Must be Default: |
filter (query parameter) | string |
SCIM filter expression for result filtering. Supports operators: Examples: |
applicationId (query parameter) | integer |
Global application filter to restrict output to one application only. Use Example: |
tierId (query parameter) | integer |
Global tier filter to restrict output to one tier only. Use |
Responses
- Code 200
-
Successful retrieval of the tier list:
{ "items": [ { "appdApplicationId": 0, "appdTierId": 0, "applicationId": "string", "applicationName": "string", "countApmActive": 0, "countReady": 0, "countSecured": 0, "countSecurityEnabled": 0, "countSupportedAgent": 0, "id": "string", "tierCreatedAt": "string", "tierEnableSecurity": true, "tierEnableSecurityStatus": true, "tierName": "string" } ], "total": 0 } - Code 400
-
Bad request: Invalid query parameters, malformed SCIM filter expression, or validation errort:
{ "error": "string" } - Code 500
-
Internal server error:
{ "error": "string" }
Get Attack List
Returns a paginated and filterable list of all attack summaries accessible to the tenant. Supports SCIM-based filtering for result filtering, flexible sorting by multiple fields, time-based queries, and standard pagination. Results include comprehensive attack metadata including attack classification, timeline information, associated application/tier context, business transaction details, and security assessment data. Use this endpoint to browse and search through all security attacks detected in your environment.
GET controller/argento/public-api/v1/attacksParameters
| Name | Type | Description |
|---|---|---|
startedAt (query parameter) | string |
Start time boundary for time-based filtering of attacks in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Must be used with Example: |
endedAt (query parameter) | string |
End time boundary for time-based filtering of attacks in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Must be used with Example: |
sort (query parameter) | string |
Field name to sort results by. Available fields: Example: |
order (query parameter) | string |
Sort order direction for the specified sort field. Available values: Default value: Example: |
filter (query parameter) | string |
SCIM filter expression for result filtering as defined in RFC 7644. Supports operators: Example: |
max (query parameter) | integer |
Maximum number of results per page for pagination. Controls the size of the result set returned. Must be a valid integer. Default value: Example: |
offset (query parameter) | integer |
Number of results to skip for pagination. Used to retrieve subsequent pages of results. Must be a valid integer. Default value: Example: |
applicationId (query parameter) | integer |
Global application filter to restrict output to a specific application. Use Example: |
tierId (query parameter) | integer |
Global tier filter to restrict output to a specific tier. Use Example: |
Responses
- Code 200
-
Successfully retrieved detailed attack summary information:
{ "appdApplicationId": 0, "appdBtId": 0, "appdTierId": 0, "applicationId": "string", "applicationName": "string", "attackName": "string", "attackNote": "string", "attackOutcome": "string", "attackSource": "string", "attackStatus": "string", "attackSummaryId": "string", "attackTypes": "string", "btName": "string", "btUuid": "string", "firstSeenAt": "string", "keyInfo": "string", "lastSeenAt": "string", "tierId": "string", "tierName": "string" } - Code 400
-
Bad Request - Invalid or malformed UUID format:
{ "error": "string" } - Code 500
-
Internal Server Error:
{ "error": "string" }
Get Attack Details
Returns detailed information about a specific attack identified by its UUID. Provides comprehensive attack summary with all related context information including attack classification, timeline, associated application/tier context, business transaction details, and security assessment data. Use this endpoint to retrieve complete information about a specific security attack incident.
GET controller/argento/public-api/v1/attacks/{attackSummaryId}Parameters
| Name | Type | Description |
|---|---|---|
attackSummaryId (path parameter, required) | string |
Attack Summary UUID for retrieving specific attack details. Example: |
startedAt (query parameter) | string |
Start time boundary for time-based filtering of attacks in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Must be used with Example: |
endedAt (query parameter) | string |
End time boundary for time-based filtering of attacks in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Must be used with Example: |
sort (query parameter) | string |
Field name to sort results by. Available fields: Example: |
order (query parameter) | string |
Sort order direction for the specified sort field. Available values: Default value: Example: |
filter (query parameter) | string |
SCIM filter expression for result filtering as defined in RFC 7644. Supports operators: Example: |
max (query parameter) | integer |
Maximum number of results per page for pagination. Controls the size of the result set returned. Must be a valid integer. Default value: Example: |
offset (query parameter) | integer |
Number of results to skip for pagination. Used to retrieve subsequent pages of results. Must be a valid integer. Default value: Example: |
applicationId (query parameter) | integer |
Global application filter to restrict output to a specific application. Use Example: |
tierId (query parameter) | integer |
Global tier filter to restrict output to a specific tier. Use Example: |
Responses
- Code 200
-
Successfully retrieved detailed attack summary information:
{ "appdApplicationId": 0, "appdBtId": 0, "appdTierId": 0, "applicationId": "string", "applicationName": "string", "attackName": "string", "attackNote": "string", "attackOutcome": "string", "attackSource": "string", "attackStatus": "string", "attackSummaryId": "string", "attackTypes": "string", "btName": "string", "btUuid": "string", "firstSeenAt": "string", "keyInfo": "string", "lastSeenAt": "string", "tierId": "string", "tierName": "string" } - Code 400
-
Bad Request - Invalid or malformed UUID format:
{ "error": "string" } - Code 500
-
Internal Server Error:
{ "error": "string" }
Get Business Transaction List
Retrieves a paginated and filterable list of all business transactions accessible to the tenant. Supports SCIM-based filtering for result filtering, flexible sorting by multiple fields, time-based queries, and standard pagination. Results include comprehensive business transaction metadata including transaction names, performance metrics, associated applications/tiers, security status, and vulnerability counts. Use this endpoint to browse and search through all business transactions in your environment.
GET controller/argento/public-api/v1/businessTransactionsParameters
| Name | Type | Description |
|---|---|---|
startedAt (query parameter) | string |
Start time boundary for time-based filtering of business transactions in RFC3339 format with timezone support. Filters transactions that were active at or after this timestamp. Future dates are rejected with Example: |
endedAt (query parameter) | string |
End time boundary for time-based filtering of business transactions in RFC3339 format with timezone support. Filters transactions that were active at or before this timestamp. Future dates are rejected with 'date is in the future' error message. Example: |
sort (query parameter) | string |
Field name to sort results by. Supported fields include business transaction metadata, performance metrics, application/tier information, and security status fields. Specify the exact field name for sorting. Example: |
order (query parameter) | string |
Sort order direction for the specified sort field. Must be uppercase. Available values: Default value: Example: |
filter (query parameter) | string |
SCIM filter expression for result filtering. Supports operators: Example: |
max (query parameter) | integer |
Maximum number of results per page for pagination. Controls the size of the result set returned. Must be a valid integer. Default value: Example: |
offset (query parameter) | integer |
Number of results to skip for pagination. Used to retrieve subsequent pages of results. Must be a valid integer. Default value: Example: |
applicationId (query parameter) | integer |
Global application filter to restrict output to a specific application. Use Example: |
tierId (query parameter) | integer |
Global tier filter to restrict output to a specific tier. Use Example: |
Responses
- Code 200
-
Successfully retrieved paginated list of business transactions with total count and items array:
{ "items": [ { "appdApplicationId": 0, "appdBusinessTransactionId": 0, "applicationId": "string", "applicationName": "string", "attackOutcomeCountAttempted": 0, "attackOutcomeCountBlocked": 0, "attackOutcomeCountExploited": 0, "brmTitle": "string", "businessRiskScore": 0, "businessTransactionId": "string", "businessTransactionName": "string", "entryTierAppdId": 0, "entryTierId": "string", "entryTierName": "string", "riskScore": 0, "severityCountCritical": 0, "severityCountHigh": 0, "severityCountLow": 0, "severityCountMedium": 0, "tierCount": 0, "totalAttackCount": 0, "totalVulnCount": 0 } ], "total": 0 } - Code 400
-
Bad Request - Invalid query parameters, invalid time format, unsupported SCIM filter expressions, or invalid sort fields:
{ "error": "string" } - Code 500
-
Internal Server Error:
{ "error": "string" }
Get Business Transaction Details
Returns detailed information about a specific business transaction identified by its UUID. Provides comprehensive business transaction details including transaction metadata, performance metrics, associated applications/tiers, security status, vulnerability information, and execution patterns. Use this endpoint to retrieve complete information about a specific business transaction in your environment.
GET controller/argento/public-api/v1/businessTransactions/{businessTransactionId}Parameters
| Name | Type | Description |
|---|---|---|
businessTransactionId (path parameter, required) | string |
Business Transaction ID in UUID format for retrieving specific transaction details. Must be a valid UUID. Example: |
Responses
- Code 200
-
Successfully retrieved detailed business transaction information:
{ "appdApplicationId": 0, "appdBusinessTransactionId": 0, "applicationId": "string", "applicationName": "string", "brmTitle": "string", "businessRiskScore": 0, "businessTransactionName": "string", "entryTierAppdId": 0, "entryTierId": "string", "entryTierName": "string", "riskScore": 0, "riskScoreCard": "string" } - Code 400
-
Bad Request - Invalid or malformed UUID format:
{ "error": "string" } - Code 500
-
Internal Server Error:
{ "error": "string" }
Get Library List
Retrieves a paginated and filterable list of all libraries accessible to the tenant. Supports SCIM-based filtering for result filtering, flexible sorting by multiple fields, time-based queries, and standard pagination. Results include comprehensive library metadata including package information, version details, associated applications/tiers, vulnerability counts, and security status. Use this endpoint to browse and search through all third-party libraries detected in your environment.
GET controller/argento/public-api/v1/librariesParameters
| Name | Type | Description |
|---|---|---|
startedAt (query parameter) | string |
Start time boundary for time-based filtering of libraries in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Example: |
endedAt (query parameter) | string |
End time boundary for time-based filtering of libraries in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Example: |
sort (query parameter) | string |
Field name to sort results by. Available fields: Example: |
order (query parameter) | string |
Sort order direction for the specified sort field. Must be uppercase. Available values: Default value: Example: |
filter (query parameter) | string |
SCIM filter expression for result filtering as defined in RFC 7644. Supports operators: Example: |
max (query parameter) | integer |
Maximum number of results per page for pagination. Controls the size of the result set returned. Must be a valid integer. Default value: Example: |
offset (query parameter) | integer |
Number of results to skip for pagination. Used to retrieve subsequent pages of results. Must be a valid integer. Default value: Example: |
applicationId (query parameter) | integer |
Global application filter to restrict output to a specific application. Use Example: |
tierId (query parameter) | integer |
Global tier filter to restrict output to a specific tier. Use Example: |
Responses
- Code 200
-
Successfully retrieved paginated list of libraries with total count and items array:
{ "items": [ { "active_internet_breach": true, "affectedNodeCount": 0, "appdApplicationId": 0, "appdTierId": 0, "applicationId": "string", "applicationName": "string", "easily_exploitable": true, "filePath": "string", "kennaRiskScore": 0, "libraryId": "string", "malware_exploitable": true, "packageCanonicalName": "string", "packageId": "string", "packageLanguage": "string", "packageName": "string", "packageVersion": "string", "popular_target": true, "predicted_exploitable": true, "recommendedVersion": "string", "remote_code_execution": true, "riskScore": 0, "severity": "string", "severityCountCritical": 0, "severityCountHigh": 0, "severityCountLow": 0, "severityCountMedium": 0, "status": "string", "tierId": "string", "tierName": "string", "totalVulnCount": 0 } ], "total": 0 } - Code 400
-
Bad Request - Invalid query parameters, invalid time format, unsupported SCIM filter expressions, or invalid sort fields:
{ "error": "string" } - Code 500
-
Internal Server Error:
{ "error": "string" }
Get Library Details
Returns detailed information about a specific library identified by its UUID. Provides comprehensive library details including package information, version details, license information, security status, vulnerability counts, and associated applications/tiers. Use this endpoint to retrieve complete information about a specific third-party library in your environment.
GET controller/argento/public-api/v1/libraries/{libraryId}Parameters
| Name | Type | Description |
|---|---|---|
libraryId (path parameter, required) | string |
Library ID in UUID format for retrieving specific library details. Must be a valid UUID. Example: |
applicationId (query parameter) | integer |
Global application filter to restrict output to a specific application. Use Example: |
tierId (query parameter) | integer |
Global tier filter to restrict output to a specific tier. Use Example: |
Responses
- Code 200
-
Successfully retrieved detailed library information:
{ "affectedNodeCount": 0, "appdApplicationId": 0, "appdTierId": 0, "applicationId": "string", "applicationName": "string", "filePath": "string", "highestCvssScoreCveId": "string", "highestCvssScoreCveName": "string", "highestCvssScoreCveTitle": "string", "highestKennaRiskScoreCveId": "string", "highestKennaRiskScoreCveName": "string", "highestKennaRiskScoreCveTitle": "string", "kennaRiskScore": 0, "libraryId": "string", "packageCanonicalName": "string", "packageId": "string", "packageLanguage": "string", "packageName": "string", "packageVersion": "string", "recommendedVersion": "string", "riskScore": 0, "severity": "string", "status": "string", "tierId": "string", "tierName": "string" } - Code 400
-
Bad Request - Invalid or malformed UUID format:
{ "error": "string" } - Code 500
-
Internal Server Error:
{ "error": "string" }
Get Policy Configurations
Returns a paginated and filterable list of all operative policy configurations accessible to the tenant. Supports SCIM-based filtering for result filtering, flexible sorting by multiple fields, and standard pagination. Results include comprehensive policy metadata including associated application/tier information, policy type details, and configuration status.
GET controller/argento/public-api/v1/policyConfigsParameters
| Name | Type | Description |
|---|---|---|
filter (query parameter) | string |
SCIM filter expression for result filtering as defined in RFC 7644. Supports operators: |
sort (query parameter) | string |
Field name to sort results by. Supported fields: Example: |
order (query parameter) | string |
Sort order direction. Available values: Default value: Example: |
max (query parameter) | integer |
Maximum number of results per page. Must be a valid integer. Default: Example: |
offset (query parameter) | integer |
Number of results to skip for pagination. Must be a valid integer. Default: Example: |
Responses
- Code 200
-
Successfully retrieved paginated list of policy configurations:
{ "items": [ { "action": "string", "applicationId": "string", "applicationName": "string", "configDetails": "string", "configTypeId": 0, "configTypeName": "string", "id": "string", "policyTypeDescription": "string", "policyTypeId": 0, "policyTypeLongDescription": "string", "policyTypeName": "string", "status": "string", "tierId": "string", "tierName": "string", "version": "string" } ], "total": 0 } - Code 400
-
Bad request: Invalid query parameters, unsupported SCIM filter expressions, or invalid sort fields:
{ "error": "string" } - Code 500
-
Internal server error:
{ "error": "string" }
Get Policy Configuration Details
Retrieves complete details of a specific operative policy configuration including all associated metadata, policy type information, application/tier context, and the full configuration rules. This endpoint provides the most comprehensive view of a single policy configuration, suitable for detailed inspection and configuration management.
GET controller/argento/public-api/v1/policyConfigs/{policyConfigId}Parameters
| Name | Type | Description |
|---|---|---|
policyConfigId (path parameter) | string |
Required. Operative policy configuration UUID. Example: |
Responses
- Code 200
-
Successful retrieval of comprehensive policy configuration details:
{ "action": "string", "applicationId": "string", "applicationName": "string", "configDetails": "string", "configTypeId": 0, "configTypeName": "string", "id": "string", "policyTypeDescription": "string", "policyTypeId": 0, "policyTypeLongDescription": "string", "policyTypeName": "string", "status": "string", "tierId": "string", "tierName": "string", "version": "string" } - Code 400
-
Bad request: Invalid UUID format or malformed policy ID parameter:
{ "error": "string" } - Code 500
-
Internal server error:
{ "error": "string" }
Create a New Policy Configuration
Creates a new operative policy configuration for a given tenant. This endpoint allows you to define security policies that can be applied at the global, application, or tier level. The policy configuration includes the action to take (DETECT, BLOCK, NONE, PATCH), status (ON/OFF), and detailed configuration rules in JSON format.
POST controller/argento/public-api/v1/policyConfigsParameters
| Name | Type | Description |
|---|---|---|
policy (body parameter) | object |
Required. Policy configuration payload. |
policy object (content type: application/JSON) must contain the following fields unless marked "optional":
-
action(string): The action to be taken by the policy. Valid values:DETECT,BLOCK,NONE,PATCH. -
applicationId(string): Optional. The UUID of the application for which the policy is being created.Example:
"d48fc5dc-1ad0-41f9-adfe-8b87f4a93e4e" -
configDetails(string): The JSON blob representing the detailed configuration of the policy. This includes the policy rules and parameters.Example:
"{"permission":{"filter":[{"action":"DETECT","targetMatch":{"matchType":"EQUALS","value":"bbbb.exe"},"name":"detect bbbb.exe"}]}}" -
policyTypeId(integer): The ID of the policy type being used. Policy type IDs:- Command execution: 1
- Filesystem access: 2
- Network or socket access: 3
- Database queries: 4
- Libraries loaded at runtime: 5
- Unhandled exceptions: 6
- Headers in http transactions: 7
- Cookies in outgoing http response: 8
- Class deserialization at runtime: 9
- Web transaction: 10
-
status(string): The status of the policy. Valid values:ON,OFF. -
tierId(string): Optional. The UUID of the tier for which the policy is being created.Example:
"e43fa8f3-9a1d-452b-97f5-63d97bda624f"
Example:
{
"action": "DETECT",
"applicationId": "string",
"configDetails": "string",
"policyTypeId": 0,
"status": "ON",
"tierId": "string"
}Responses
- Code 201
-
Successfully created policy configuration with generated UUID and metadata:
{ "action": "string", "application_id": "string", "config_details": "string", "config_type_id": 0, "config_type_value": "string", "created_at": "string", "id": "string", "modified_by": "string", "notify": true, "operative_policy_type_id": 0, "overridable": true, "status": "string", "tenant_id": "string", "tier_id": "string", "updated_at": "string", "version": 0 } - Code 400
-
Bad request: Invalid input data, validation errors, or malformed JSON in
configDetails:{ "error": "string" } - Code 500
-
Internal server error:
{ "error": "string" }
Delete a Policy Configuration
Permanently deletes an existing operative policy configuration by its UUID. This operation is irreversible and will immediately stop any active policy enforcement associated with this configuration. Use with caution as this may impact active security monitoring and protection.
DELETE controller/argento/public-api/v1/policyConfigs/{policyConfigId}Parameters
| Name | Type | Description |
|---|---|---|
policyConfigId (path parameter) | string |
Required. Operative policy configuration UUID to delete. Example: |
Responses
- Code 204
-
No Content - Policy configuration successfully deleted.
- Code 400
- Bad request: Invalid UUID format or malformed policy ID parameter:
{ "error": "string" } - Code 500
-
Internal server error:
{ "error": "string" }
Get Vulnerability List
Retrieves a paginated and filterable list of all vulnerabilities accessible to the tenant. Supports SCIM-based filtering for result filtering, flexible sorting by multiple fields, time-based queries, and standard pagination. Results include comprehensive vulnerability metadata including CVE information, severity assessments, affected applications/tiers, package details, and risk scoring data. Use this endpoint to browse and search through all security vulnerabilities detected in your environment.
GET controller/argento/public-api/v1/vulnerabilitiesParameters
| Name | Type | Description |
|---|---|---|
startedAt (query parameter) | string |
Start time boundary for time-based filtering of vulnerabilities in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Example: |
endedAt (query parameter) | string |
End time boundary for time-based filtering of vulnerabilities in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Example: |
sort (query parameter) | string |
Field name to sort results by. Available fields: Example: |
order (query parameter) | string |
Sort order direction for the specified sort field. Must be uppercase. Available values: Default value: Example: |
filter (query parameter) | string |
SCIM filter expression for result filtering as defined in RFC 7644. Supports operators: Example: |
max (query parameter) | integer |
Maximum number of results per page for pagination. Controls the size of the result set returned. Must be a valid integer. Default value: Example: |
offset (query parameter) | integer |
Number of results to skip for pagination. Used to retrieve subsequent pages of results. Must be a valid integer. Default value: Example: |
applicationId (query parameter) | integer |
Global application filter to restrict output to a specific application. Use Example: |
tierId (query parameter) | integer |
Global tier filter to restrict output to a specific tier. Use Example: |
Responses
- Code 200
-
Successfully retrieved paginated list of vulnerabilities with total count and items array:
{ "items": [ { "active_internet_breach": true, "affectedNodeCount": 0, "appdApplicationId": 0, "appdTierId": 0, "applicationId": "string", "applicationName": "string", "attackSummaryId": "string", "cveId": "string", "cveName": "string", "cvePublishDate": "string", "cveTitle": "string", "cweName": "string", "easily_exploitable": true, "firstSeenAt": "string", "hasAttacks": true, "hasEvent": true, "hasObservations": true, "incidentId": "string", "kennaScore": 0, "lastSeenAt": "string", "libraryId": "string", "malware_exploitable": true, "packageCanonicalName": "string", "packageId": "string", "packageLanguage": "string", "popular_target": true, "predicted_exploitable": true, "remediation": "string", "remote_code_execution": true, "riskScore": 0, "severity": "string", "status": "Unknown", "tierId": "string", "tierName": "string" } ], "total": 0 } - Code 400
-
Bad Request - Invalid query parameters, invalid time format, unsupported SCIM filter expressions, or invalid sort fields:
{ "error": "string" } - Code 500
-
Internal Server Error:
{ "error": "string" }
Get Vulnerability Details
Returns detailed information about a specific vulnerability identified by its CVE ID UUID. Provides comprehensive vulnerability details including CVE classification, severity assessment, affected applications/tiers, package information, risk scoring, and remediation guidance. Use this endpoint to retrieve complete information about a specific security vulnerability incident.
GET controller/argento/public-api/v1/vulnerabilities/{cveId}Parameters
| Name | Type | Description |
|---|---|---|
cveId (path parameter, required) | string |
CVE ID in UUID format for retrieving specific vulnerability details. Must be a valid UUID. Example: |
Responses
- Code 200
-
Successfully retrieved detailed vulnerability information:
{ "createdAt": "string", "cveId": "string", "cveTitle": "string", "cvss3BaseScore": 0, "cvss3VectorString": "string", "cweName": "string", "description": "string", "kenna": { "active_internet_breach": true, "easily_exploitable": true, "malware_exploitable": true, "popular_target": true, "predicted_exploitable": true, "remote_code_execution": true, "risk_score_meter": 0 }, "name": "string", "nvdUrl": "string", "publishDate": "string", "remediation": "string", "severity": "string", "updatedAt": "string" } - Code 400
-
Bad Request - Invalid or malformed UUID format:
{ "error": "string" } - Code 404
-
Resource not found - Vulnerability not found for the specified CVE ID:
{ "error": "string" } - Code 500
-
Internal Server Error:
{ "error": "string" }
Get Tier Nodes
Retrieve a paginated list of nodes for a specific tier with optional SCIM filtering and sorting capabilities. Returns node details including security status, agent counts, and metadata.
GET controller/argento/public-api/v1/tiers/{tierId}/nodesParameters
| Name | Type | Description |
|---|---|---|
tierId (path parameter, required) | string |
Tier ID (UUID format) to retrieve nodes for. Must be a valid UUID. |
date (query parameter) | string |
Date and time in RFC3339 format for temporal filtering. Supports both UTC and local timezone offsets. Future dates are rejected with 'date is in the future' error. Example: |
max (query parameter) | integer |
Maximum number of items to return per page. Must be a valid integer. Default value: |
offset (query parameter) | integer |
Number of items to skip for pagination. Must be a valid integer. Default value: |
sort (query parameter) | string |
Field name to sort results by. Available fields: Example: |
order (query parameter) | string |
Sort order for results. Must be 'ASC' for ascending or 'DESC' for descending order. Default value: |
filter (query parameter) | string |
SCIM filter expression for result filtering. Supports operators: Example: |
Responses
- Code 200
-
Successfully retrieved nodes list:
{ "items": [ { "appdApplicationId": 0, "appdNodeId": 0, "appdTierId": 0, "applicationId": "string", "countApmActive": 0, "countReady": 0, "countSecured": 0, "countSecurityEnabled": 0, "countSupportedAgent": 0, "id": "string", "nodeAppdNodeAgentType": "string", "nodeAppdNodeAgentVersion": "string", "nodeCreatedAt": "string", "nodeJvmId": "string", "nodeLastCheckinAt": "string", "nodeLastDependencyReportAt": "string", "nodeSecurityEnabled": true, "nodeSecurityEnabledComputed": true, "tierId": "string" } ], "total": 0 } - Code 400
-
Bad Request - Invalid query parameters, malformed SCIM filter expression, or validation error:
{ "error": "string" } - Code 500
-
Internal Server Error:
{ "error": "string" }
Get Business Risk Score
Retrieves business risk score by application and business transaction based on the provided query parameters.
GET controller/argento/public-api/v1/stats/businessRiskParameters
| Name | Type | Description |
|---|---|---|
btId (query parameter) | string |
Business Transaction ID, in UUID format. Example: |
applicationId (query parameter) | integer |
Global application filter, to restrict output to one application only use Example: |
tierId (query parameter) | integer |
Global tier filter, to restrict output to one tier only. Use Example: |
Responses
- Code 200
-
Successful retrieval of business risk score:
{ "brmTitle": "string", "businessRiskScore": 0 } - Code 400
-
Bad Request:
{ "error": "string" } - Code 500
-
Internal Server Error:
{ "error": "string" }
Update the Security Status for an Application
Updates the securityEnabled status for a specific application based on the provided resource ID.
PATCH controller/argento/public-api/v1/applications/{resourceId}Parameters
| Name | Type | Description |
|---|---|---|
resourceId
| string | Resource ID of the application (UUID format). Required. |
body
| object | JSON body containing the securityEnabled status. Required.Example: |
Responses
- Code 204
-
Successful update, no content.
- Code 400
-
Invalid request (such as missing or invalid parameters):
{ "error": "string" } - Code 404
-
Resource not found:
{ "error": "string" } - Code 500
-
Internal server error:
{ "error": "string" }
Update the Security Status for a Tier
Update the security enablement status for a specific application, tier, or node resource. This endpoint supports updating the securityEnabled flag for different resource types based on the route path used.
PATCH controller/argento/public-api/v1/tiers/{resourceId}Parameters
| Name | Type | Description |
|---|---|---|
resourceId (path parameter, required) | string |
Resource ID (UUID format) of the application, tier, or node to update. Must be a valid UUID. |
| Request Body (required) | object |
JSON body containing the security enablement status. The Example: |
Responses
- Code 204
-
Successfully updated resource security settings.
- Code 400
-
Bad Request - Invalid resource ID format, missing request body, or validation error:
{ "error": "string" } - Code 500
-
Internal Server Error:
{ "error": "string" }
Update the Security Status for a Node
Update the security enablement status for a specific application, tier, or node resource. This endpoint supports updating the securityEnabled flag for different resource types based on the route path used.
PATCH controller/argento/public-api/v1/nodes/{resourceId}Parameters
| Name | Type | Description |
|---|---|---|
resourceId (path parameter, required) | string |
Resource ID (UUID format) of the application, tier, or node to update. Must be a valid UUID. |
| Request Body (required) | object |
JSON body containing the security enablement status. The Example: |
Responses
- Code 204
-
Successfully updated resource security settings.
- Code 400
-
Bad Request - Invalid resource ID format, missing request body, or validation error:
{ "error": "string" } - Code 500
-
Internal Server Error:
{ "error": "string" }
Update a Policy Configuration
Performs partial updates on an existing operative policy configuration. This endpoint supports updating the action (DETECT, BLOCK, NONE, PATCH), status (ON, OFF), and detailed configuration rules. Only the fields provided in the request body will be updated, following RESTful PATCH semantics. The policy configuration must exist and be accessible by the tenant.
PATCH controller/argento/public-api/v1/policyConfigs/{policyConfigId}Parameters
| Name | Type | Description |
|---|---|---|
policyConfigId (path parameter) | string |
Required. Operative policy configuration UUID. Example: |
updateData (body parameter) | object |
Fields to update. Only the fields you provide are modified. |
updateData object (content type: application/JSON) description:
-
action(string): The action to be taken by the policy. Valid values:DETECT,BLOCK,NONE,PATCH. -
configDetails(string): The JSON blob representing the detailed configuration of the policy. This includes the policy rules and parameters.Example:
"{"permission":{"filter":[{"action":"DETECT","targetMatch":{"matchType":"EQUALS","value":"bbbb.exe"},"name":"detect bbbb.exe"}]}}" -
status(string): The status of the policy. Valid values:ON,OFF.
Example:
{
"action": "DETECT",
"configDetails": "string",
"status": "ON"
}Responses
- Code 200
-
Successful update of policy configuration with modified fields:
{ "action": "string", "application_id": "string", "config_details": "string", "config_type_id": 0, "config_type_value": "string", "created_at": "string", "id": "string", "modified_by": "string", "notify": true, "operative_policy_type_id": 0, "overridable": true, "status": "string", "tenant_id": "string", "tier_id": "string", "updated_at": "string", "version": 0 }
- Code 400
-
Bad request: Invalid UUID format, validation errors, malformed
updateDataJSON, or no data provided for update:{ "error": "string" }
- Code 500
-
Internal server error:
{ "error": "string" }
Download Swagger YAML Specification
Download the Swagger YAML specification.