Secure Application APIs

This page describes the Secure Application API methods you can use to query parameters, dashboards, and security reports of your choice.

API Rate Limits

The Secure Application API supports a maximum of 300 requests per minute.

Generate Access Tokens

You can generate access tokens for each API access call into your Controller by generating the token through the OAuth API.

Example of endpoint usage:

curl -X GET  'https://<controller address>/controller/argento/public-api/v1/applications' \
--header 'Authorization: Bearer <your-token-from-ouath-above>'

Get Application List

Retrieve a paginated list of applications with optional SCIM filtering and sorting capabilities. Returns application details including security status, agent counts, and metadata.

GET controller/argento/public-api/v1/applications

Parameters


Name	Type	Description
`date` (query parameter)	string	Date and time in RFC3339 format for temporal filtering. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Supports UTC and local timezone offsets. Examples: `UTC: 2021-01-30T08:30:00Z`, `Pacific: 2021-01-30T08:30:00-08:00`, `Eastern: 2021-01-30T08:30:00-05:00`
`max` (query parameter)	integer	Maximum number of items to return per page. Must be a valid integer. Default: `10`
`offset` (query parameter)	integer	Number of items to skip for pagination. Must be a valid integer. Default: `0`
`sort` (query parameter)	string	Field name to sort results by. Available fields: `applicationName`, `applicationAppdId`, `applicationCreatedAt`, `applicationSecurityEnabled`, `applicationSecurityEnabledComputed`, `countApmActive`, `countSupportedAgent`, `countSecured`, `countSecurityEnabled`, `countReady`. Field names are case-insensitive. Example: `"applicationName"`
`order` (query parameter)	string	Sort order for results. Must be `ASC` for ascending or `DESC` for descending order. Default: `"DESC"`
`filter` (query parameter)	string	SCIM filter expression for result filtering as defined in RFC 7644. Supports operators: `eq` (equals), `co` (contains). Filterable fields: `applicationName`, `applicationSecurityEnabled`, `applicationSecurityEnabledComputed`. Field names are case-insensitive. Examples: `"applicationName eq MyApp"`, `"applicationSecurityEnabled eq true"`, `"applicationName co web"`
`applicationId` (query parameter)	integer	Global application filter to restrict output to one application only. Use appdApplicationId value from response. Use value of the field `appdApplicationId` from the response.

Responses

Code 200

Successfully retrieval of applications list:

{
  "items": [
    {
      "appdApplicationId": 0,
      "applicationCreatedAt": "string",
      "applicationId": "string",
      "applicationName": "string",
      "applicationSecurityEnabled": true,
      "applicationSecurityEnabledComputed": true,
      "countApmActive": 0,
      "countReady": 0,
      "countSecured": 0,
      "countSecurityEnabled": 0,
      "countSupportedAgent": 0
    }
  ],
  "total": 0
}

Code 400

Bad request: Invalid query parameters, malformed SCIM filter expression, or validation error:

{
  "error": "string"
}

Code 500

Internal server error:

{
  "error": "string"
}

Get Application Tiers

Retrieve a paginated list of tiers for a specific application with optional SCIM filtering and sorting capabilities. Returns tier details including security status, agent counts, and metadata.

GET controller/argento/public-api/v1/applications/{applicationId}/tiers

Parameters


Name	Type	Description
`applicationId` (path parameter)	string	Application ID (UUID format) to retrieve tiers for. Must be a valid UUID.
`date` (query parameter)	string	Date and time in RFC3339 format for temporal filtering. Supports both UTC and local timezone offsets. Examples: UTC: `'2021-01-30T08:30:00Z'`, Pacific Time: `'2021-01-30T08:30:00-08:00'`, India Time: `'2021-01-30T08:30:00+05:30'`, Eastern Time: `'2021-01-30T08:30:00-05:00'`. Future dates are rejected with `'date is in the future'` error.
`max` (query parameter)	integer	Maximum number of items to return per page. Must be a valid integer. Default: `10`
`offset` (query parameter)	integer	Number of items to skip for pagination. Must be a valid integer. Default: `0`
`sort` (query parameter)	string	Field name to sort results by. Available fields: `tiername`, `appdtierid`, `appdapplicationid`, `createdat`, `tiersecurityenabled`, `tiersecurityenabledcomputed`, `countapmactive`, `countsupportedagent`, `countsecured`, `countsecurityenabled`, `countready`. Field names are case-insensitive. Example: `"tiername"`
`order` (query parameter)	string	Sort order for results. Must be `ASC` for ascending or `DESC` for descending order. Default: `"DESC"`
`filter` (query parameter)	string	SCIM filter expression for result filtering. Supports operators: `eq` (equals), `co` (contains). Filterable fields: `tiername`, `tiersecurityenabled`, `tiersecurityenabledcomputed`. Field names are case-insensitive. Examples: `"tiername eq \"`, `"tiername eq "WebTier"`
`applicationId` (query parameter)	integer	Global application filter to restrict output to one application only. Use `appdApplicationId` value from response. Example: `12345`
`tierId` (query parameter)	integer	Global tier filter to restrict output to one tier only. Use `appdTierId` value from response.

Responses

Code 200

Successful retrieval of the tier list:

{
  "items": [
    {
      "appdApplicationId": 0,
      "appdTierId": 0,
      "applicationId": "string",
      "applicationName": "string",
      "countApmActive": 0,
      "countReady": 0,
      "countSecured": 0,
      "countSecurityEnabled": 0,
      "countSupportedAgent": 0,
      "id": "string",
      "tierCreatedAt": "string",
      "tierEnableSecurity": true,
      "tierEnableSecurityStatus": true,
      "tierName": "string"
    }
  ],
  "total": 0
}

Code 400

Bad request: Invalid query parameters, malformed SCIM filter expression, or validation errort:

{
  "error": "string"
}

Code 500

Internal server error:

{
  "error": "string"
}

Get Application Nodes

Get a list of nodes based on a specific tier and provided query parameters.

GET controller/argento/public-api/v1/applications/{applicationId}/tiers/{tierId}/nodes

Parameters


Name	Type	Description
tierId	integer	Tier ID required for specific node details.
date	string	Date in RFC3339 format. Example: 2023-05-25T00:10:01-02:00.
sort	string	Sort the nodes by a specific field. Example: `sort=nodeName` .
order	string	Order of the sort field (asc or desc).
filter	string	Filter the nodes by a specific field. Example: `filter=nodeName eq 'node1'`.
max	integer	Maximum number of nodes to return. Default: 10 .
offset	integer	Offset for pagination. Default 0.

Responses

Code 200

Successful retrieval of node list.

{
  "items": [
    {
      "id": "string",
      "appdTierId": 0,
      "appdApplicationId": 0,
      "appdNodeId": 0,
      "nodeJvmId": "string",
      "nodeCreatedAt": "string",
      "nodeSecurityEnabled": true,
      "nodeSecurityEnabledComputed": true,
      "nodeAppdNodeAgentType": "string",
      "countApmActive": 0,
      "countSupportedAgent": 0,
      "countSecured": 0,
      "countSecurityEnabled": 0,
      "countReady": 0,
      "nodeAppdNodeAgentVersion": "string",
      "nodeLastCheckinAt": "string",
      "nodeLastDependencyReportAt": true
    }
  ],
  "total": 0
}

Code 400

A bad request:

{
"error": "string"
}

Code 500

An internal server error:

{
"error": "string"
}

Get Attack List

Returns a paginated and filterable list of all attack summaries accessible to the tenant. Supports SCIM-based filtering for result filtering, flexible sorting by multiple fields, time-based queries, and standard pagination. Results include comprehensive attack metadata including attack classification, timeline information, associated application/tier context, business transaction details, and security assessment data. Use this endpoint to browse and search through all security attacks detected in your environment.

GET controller/argento/public-api/v1/attacks

Parameters


Name	Type	Description
`startedAt` (query parameter)	string	Start time boundary for time-based filtering of attacks in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Must be used with `endedAt` parameter. Example: `"2021-01-30T08:30:00Z"`
`endedAt` (query parameter)	string	End time boundary for time-based filtering of attacks in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Must be used with `startedAt` parameter. Example: `"2021-01-30T23:59:59Z"`
`sort` (query parameter)	string	Field name to sort results by. Available fields: `attackName`, `attackStatus`, `attackOutcome`, `firstSeenAt`, `lastSeenAt`, `attackTypes`, `applicationName`, `tierName`, `btName`. Field names are case-insensitive. Example: `"attackName"`
`order` (query parameter)	string	Sort order direction for the specified sort field. Available values: `ASC`, `DESC`. Default value: `DESC` Example: `"DESC"`
`filter` (query parameter)	string	SCIM filter expression for result filtering as defined in RFC 7644. Supports operators: `eq` (equals), `co` (contains). Filterable fields: `attackName`, `attackStatus`, `attackOutcome`, `attackTypes` (array), `applicationName`, `tierName`, `businessTransactionName`, `businessTransactionId` (UUID). Field names are case-insensitive. Example: `"attackStatus eq OPEN"`
`max` (query parameter)	integer	Maximum number of results per page for pagination. Controls the size of the result set returned. Must be a valid integer. Default value: `10` Example: `25`
`offset` (query parameter)	integer	Number of results to skip for pagination. Used to retrieve subsequent pages of results. Must be a valid integer. Default value: `0` Example: `0`
`applicationId` (query parameter)	integer	Global application filter to restrict output to a specific application. Use `appdApplicationId` value from previous API responses to filter attacks by application context. Example: `12345`
`tierId` (query parameter)	integer	Global tier filter to restrict output to a specific tier. Use `appdTierId` value from previous API responses to filter attacks by tier context. Example: `67890`

Responses

Code 200

Successfully retrieved detailed attack summary information:

{
  "appdApplicationId": 0,
  "appdBtId": 0,
  "appdTierId": 0,
  "applicationId": "string",
  "applicationName": "string",
  "attackName": "string",
  "attackNote": "string",
  "attackOutcome": "string",
  "attackSource": "string",
  "attackStatus": "string",
  "attackSummaryId": "string",
  "attackTypes": "string",
  "btName": "string",
  "btUuid": "string",
  "firstSeenAt": "string",
  "keyInfo": "string",
  "lastSeenAt": "string",
  "tierId": "string",
  "tierName": "string"
}

Code 400

Bad Request - Invalid or malformed UUID format:

{
  "error": "string"
}

Code 500

Internal Server Error:

{
  "error": "string"
}

Get Attack Details

Returns detailed information about a specific attack identified by its UUID. Provides comprehensive attack summary with all related context information including attack classification, timeline, associated application/tier context, business transaction details, and security assessment data. Use this endpoint to retrieve complete information about a specific security attack incident.

GET controller/argento/public-api/v1/attacks/{attackSummaryId}

Parameters


Name	Type	Description
`attackSummaryId` (path parameter, required)	string	Attack Summary UUID for retrieving specific attack details. Example: `"a1b2c3d4-e5f6-7890-abcd-ef1234567890"`
`startedAt` (query parameter)	string	Start time boundary for time-based filtering of attacks in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Must be used with `endedAt` parameter. Example: `"2021-01-30T08:30:00Z"`
`endedAt` (query parameter)	string	End time boundary for time-based filtering of attacks in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Must be used with `startedAt` parameter. Example: `"2021-01-30T23:59:59Z"`
`sort` (query parameter)	string	Field name to sort results by. Available fields: `attackName`, `attackStatus`, `attackOutcome`, `firstSeenAt`, `lastSeenAt`, `attackTypes`, `applicationName`, `tierName`, `btName`. Field names are case-insensitive. Example: `"attackName"`
`order` (query parameter)	string	Sort order direction for the specified sort field. Available values: `ASC`, `DESC`. Default value: `DESC` Example: `"DESC"`
`filter` (query parameter)	string	SCIM filter expression for result filtering as defined in RFC 7644. Supports operators: `eq` (equals), `co` (contains). Filterable fields: `attackName`, `attackStatus`, `attackOutcome`, `attackTypes` (array), `applicationName`, `tierName`, `businessTransactionName`, `businessTransactionId` (UUID). Field names are case-insensitive. Example: `"attackStatus eq OPEN"`
`max` (query parameter)	integer	Maximum number of results per page for pagination. Controls the size of the result set returned. Must be a valid integer. Default value: `10` Example: `25`
`offset` (query parameter)	integer	Number of results to skip for pagination. Used to retrieve subsequent pages of results. Must be a valid integer. Default value: `0` Example: `0`
`applicationId` (query parameter)	integer	Global application filter to restrict output to a specific application. Use `appdApplicationId` value from previous API responses to filter attacks by application context. Example: `12345`
`tierId` (query parameter)	integer	Global tier filter to restrict output to a specific tier. Use `appdTierId` value from previous API responses to filter attacks by tier context. Example: `67890`

Responses

Code 200

Successfully retrieved detailed attack summary information:

{
  "appdApplicationId": 0,
  "appdBtId": 0,
  "appdTierId": 0,
  "applicationId": "string",
  "applicationName": "string",
  "attackName": "string",
  "attackNote": "string",
  "attackOutcome": "string",
  "attackSource": "string",
  "attackStatus": "string",
  "attackSummaryId": "string",
  "attackTypes": "string",
  "btName": "string",
  "btUuid": "string",
  "firstSeenAt": "string",
  "keyInfo": "string",
  "lastSeenAt": "string",
  "tierId": "string",
  "tierName": "string"
}

Code 400

Bad Request - Invalid or malformed UUID format:

{
  "error": "string"
}

Code 500

Internal Server Error:

{
  "error": "string"
}

Get Business Transaction List

Retrieves a paginated and filterable list of all business transactions accessible to the tenant. Supports SCIM-based filtering for result filtering, flexible sorting by multiple fields, time-based queries, and standard pagination. Results include comprehensive business transaction metadata including transaction names, performance metrics, associated applications/tiers, security status, and vulnerability counts. Use this endpoint to browse and search through all business transactions in your environment.

GET controller/argento/public-api/v1/businessTransactions

Parameters


Name	Type	Description
`startedAt` (query parameter)	string	Start time boundary for time-based filtering of business transactions in RFC3339 format with timezone support. Filters transactions that were active at or after this timestamp. Future dates are rejected with `'date is in the future'` error message. Example: `"2021-01-30T08:30:00Z"`
`endedAt` (query parameter)	string	End time boundary for time-based filtering of business transactions in RFC3339 format with timezone support. Filters transactions that were active at or before this timestamp. Future dates are rejected with 'date is in the future' error message. Example: `"2021-01-30T23:59:59Z"`
`sort` (query parameter)	string	Field name to sort results by. Supported fields include business transaction metadata, performance metrics, application/tier information, and security status fields. Specify the exact field name for sorting. Example: `"businessTransactionName"`
`order` (query parameter)	string	Sort order direction for the specified sort field. Must be uppercase. Available values: `ASC`, `DESC`. Default value: `DESC` Example: `"DESC"`
`filter` (query parameter)	string	SCIM filter expression for result filtering. Supports operators: `eq` (equals), `co` (contains). Filterable fields include business transaction metadata, application/tier information, and security status fields. Field names are case-insensitive. Example: `"businessTransactionName eq "login""`
`max` (query parameter)	integer	Maximum number of results per page for pagination. Controls the size of the result set returned. Must be a valid integer. Default value: `10` Example: `25`
`offset` (query parameter)	integer	Number of results to skip for pagination. Used to retrieve subsequent pages of results. Must be a valid integer. Default value: `0` Example: `0`
`applicationId` (query parameter)	integer	Global application filter to restrict output to a specific application. Use `appdApplicationId` value from previous API responses to filter business transactions by application context. Example: `12345`
`tierId` (query parameter)	integer	Global tier filter to restrict output to a specific tier. Use `appdTierId` value from previous API responses to filter business transactions by tier context. Example: `67890`

Responses

Code 200

Successfully retrieved paginated list of business transactions with total count and items array:

{
  "items": [
    {
      "appdApplicationId": 0,
      "appdBusinessTransactionId": 0,
      "applicationId": "string",
      "applicationName": "string",
      "attackOutcomeCountAttempted": 0,
      "attackOutcomeCountBlocked": 0,
      "attackOutcomeCountExploited": 0,
      "brmTitle": "string",
      "businessRiskScore": 0,
      "businessTransactionId": "string",
      "businessTransactionName": "string",
      "entryTierAppdId": 0,
      "entryTierId": "string",
      "entryTierName": "string",
      "riskScore": 0,
      "severityCountCritical": 0,
      "severityCountHigh": 0,
      "severityCountLow": 0,
      "severityCountMedium": 0,
      "tierCount": 0,
      "totalAttackCount": 0,
      "totalVulnCount": 0
    }
  ],
  "total": 0
}

Code 400

Bad Request - Invalid query parameters, invalid time format, unsupported SCIM filter expressions, or invalid sort fields:

{
  "error": "string"
}

Code 500

Internal Server Error:

{
  "error": "string"
}

Get Business Transaction Details

Returns detailed information about a specific business transaction identified by its UUID. Provides comprehensive business transaction details including transaction metadata, performance metrics, associated applications/tiers, security status, vulnerability information, and execution patterns. Use this endpoint to retrieve complete information about a specific business transaction in your environment.

GET controller/argento/public-api/v1/businessTransactions/{businessTransactionId}

Parameters


Name	Type	Description
`businessTransactionId` (path parameter, required)	string	Business Transaction ID in UUID format for retrieving specific transaction details. Must be a valid UUID. Example: `"a1b2c3d4-e5f6-7890-abcd-ef1234567890"`

Responses

Code 200

Successfully retrieved detailed business transaction information:

{
  "appdApplicationId": 0,
  "appdBusinessTransactionId": 0,
  "applicationId": "string",
  "applicationName": "string",
  "brmTitle": "string",
  "businessRiskScore": 0,
  "businessTransactionName": "string",
  "entryTierAppdId": 0,
  "entryTierId": "string",
  "entryTierName": "string",
  "riskScore": 0,
  "riskScoreCard": "string"
}

Code 400

Bad Request - Invalid or malformed UUID format:

{
  "error": "string"
}

Code 500

Internal Server Error:

{
  "error": "string"
}

Get Library List

Retrieves a paginated and filterable list of all libraries accessible to the tenant. Supports SCIM-based filtering for result filtering, flexible sorting by multiple fields, time-based queries, and standard pagination. Results include comprehensive library metadata including package information, version details, associated applications/tiers, vulnerability counts, and security status. Use this endpoint to browse and search through all third-party libraries detected in your environment.

GET controller/argento/public-api/v1/libraries

Parameters


Name	Type	Description
`startedAt` (query parameter)	string	Start time boundary for time-based filtering of libraries in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Example: `"2021-01-30T08:30:00Z"`
`endedAt` (query parameter)	string	End time boundary for time-based filtering of libraries in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Example: `"2021-01-30T23:59:59Z"`
`sort` (query parameter)	string	Field name to sort results by. Available fields: `libraryId`, `packageId`, `packageLanguage`, `packageName`, `packageVersion`, `packageCanonicalName`, `appdTierId`, `tierName`, `tierId`, `appdApplicationId`, `applicationName`, `applicationId`, `riskScore`, `severity`, `severityCountCritical`, `severityCountHigh`, `severityCountMedium`, `severityCountLow`, `totalVulnCount`, `status`, `affectedNodeCount`, `filePath`. Field names are case-insensitive. Example: `"packageName"`
`order` (query parameter)	string	Sort order direction for the specified sort field. Must be uppercase. Available values: `ASC`, `DESC`. Default value: `DESC` Example: `"DESC"`
`filter` (query parameter)	string	SCIM filter expression for result filtering as defined in RFC 7644. Supports operators: `eq` (equals), `co` (contains). Filterable fields include library metadata, application/tier information, and security status fields. Field names are case-insensitive. Example: `"applicationName eq webapp"`
`max` (query parameter)	integer	Maximum number of results per page for pagination. Controls the size of the result set returned. Must be a valid integer. Default value: `10` Example: `25`
`offset` (query parameter)	integer	Number of results to skip for pagination. Used to retrieve subsequent pages of results. Must be a valid integer. Default value: `0` Example: `0`
`applicationId` (query parameter)	integer	Global application filter to restrict output to a specific application. Use `appdApplicationId` value from previous API responses to filter libraries by application context. Example: `12345`
`tierId` (query parameter)	integer	Global tier filter to restrict output to a specific tier. Use `appdTierId` value from previous API responses to filter libraries by tier context. Example: `67890`

Responses

Code 200

Successfully retrieved paginated list of libraries with total count and items array:

{
  "items": [
    {
      "active_internet_breach": true,
      "affectedNodeCount": 0,
      "appdApplicationId": 0,
      "appdTierId": 0,
      "applicationId": "string",
      "applicationName": "string",
      "easily_exploitable": true,
      "filePath": "string",
      "kennaRiskScore": 0,
      "libraryId": "string",
      "malware_exploitable": true,
      "packageCanonicalName": "string",
      "packageId": "string",
      "packageLanguage": "string",
      "packageName": "string",
      "packageVersion": "string",
      "popular_target": true,
      "predicted_exploitable": true,
      "recommendedVersion": "string",
      "remote_code_execution": true,
      "riskScore": 0,
      "severity": "string",
      "severityCountCritical": 0,
      "severityCountHigh": 0,
      "severityCountLow": 0,
      "severityCountMedium": 0,
      "status": "string",
      "tierId": "string",
      "tierName": "string",
      "totalVulnCount": 0
    }
  ],
  "total": 0
}

Code 400

Bad Request - Invalid query parameters, invalid time format, unsupported SCIM filter expressions, or invalid sort fields:

{
  "error": "string"
}

Code 500

Internal Server Error:

{
  "error": "string"
}

Get Library Details

Returns detailed information about a specific library identified by its UUID. Provides comprehensive library details including package information, version details, license information, security status, vulnerability counts, and associated applications/tiers. Use this endpoint to retrieve complete information about a specific third-party library in your environment.

GET controller/argento/public-api/v1/libraries/{libraryId}

Parameters


Name	Type	Description
`libraryId` (path parameter, required)	string	Library ID in UUID format for retrieving specific library details. Must be a valid UUID. Example: `"a1b2c3d4-e5f6-7890-abcd-ef1234567890"`
`applicationId` (query parameter)	integer	Global application filter to restrict output to a specific application. Use `appdApplicationId` value from previous API responses to filter library details by application context. Example: `12345`
`tierId` (query parameter)	integer	Global tier filter to restrict output to a specific tier. Use `appdTierId` value from previous API responses to filter library details by tier context. Example: `67890`

Responses

Code 200

Successfully retrieved detailed library information:

{
  "affectedNodeCount": 0,
  "appdApplicationId": 0,
  "appdTierId": 0,
  "applicationId": "string",
  "applicationName": "string",
  "filePath": "string",
  "highestCvssScoreCveId": "string",
  "highestCvssScoreCveName": "string",
  "highestCvssScoreCveTitle": "string",
  "highestKennaRiskScoreCveId": "string",
  "highestKennaRiskScoreCveName": "string",
  "highestKennaRiskScoreCveTitle": "string",
  "kennaRiskScore": 0,
  "libraryId": "string",
  "packageCanonicalName": "string",
  "packageId": "string",
  "packageLanguage": "string",
  "packageName": "string",
  "packageVersion": "string",
  "recommendedVersion": "string",
  "riskScore": 0,
  "severity": "string",
  "status": "string",
  "tierId": "string",
  "tierName": "string"
}

Code 400

Bad Request - Invalid or malformed UUID format:

{
  "error": "string"
}

Code 500

Internal Server Error:

{
  "error": "string"
}

Get Business Risk Score

Retrieves business risk score by application and business transaction based on the provided query parameters.

GET controller/argento/public-api/v1/stats/businessRisk

Parameters


Name	Type	Description
`btId` (query parameter)	string	Business Transaction ID, in UUID format. Example: `"a1b2c3d4-e5f6-7890-abcd-ef1234567890"`
`applicationId` (query parameter)	integer	Global application filter, to restrict output to one application only use `appdApplicationId` value from response. Example: `12345`
`tierId` (query parameter)	integer	Global tier filter, to restrict output to one tier only. Use `appdTierId` value from response. Example: `0`

Responses

Code 200

Successful retrieval of business risk score:

{
  "brmTitle": "string",
  "businessRiskScore": 0
}

Code 400

Bad Request:

{
  "error": "string"
}

Code 500

Internal Server Error:

{
  "error": "string"
}

Get Vulnerability List

Retrieves a paginated and filterable list of all vulnerabilities accessible to the tenant. Supports SCIM-based filtering for result filtering, flexible sorting by multiple fields, time-based queries, and standard pagination. Results include comprehensive vulnerability metadata including CVE information, severity assessments, affected applications/tiers, package details, and risk scoring data. Use this endpoint to browse and search through all security vulnerabilities detected in your environment.

GET controller/argento/public-api/v1/vulnerabilities

Parameters


Name	Type	Description
`startedAt` (query parameter)	string	Start time boundary for time-based filtering of vulnerabilities in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Example: `"2021-01-30T08:30:00Z"`
`endedAt` (query parameter)	string	End time boundary for time-based filtering of vulnerabilities in RFC3339 format with timezone support. API returns data for the last 8 days by default when no date is specified. When provided, allows filtering within the last 8 days only - dates older than 8 days or future dates will be rejected. Example: `"2021-01-30T23:59:59Z"`
`sort` (query parameter)	string	Field name to sort results by. Available fields: `severity`, `status`, `riskScore`, `kennaScore`, `firstSeenAt`, `lastSeenAt`, `cveName`, `cveTitle`, `applicationName`, `tierName`, `packageCanonicalName`, `packageLanguage`, `affectedNodeCount`, `hasAttacks`, `hasEvent`, `cvePublishDate`. Field names are case-insensitive. Example: `"severity"`
`order` (query parameter)	string	Sort order direction for the specified sort field. Must be uppercase. Available values: `ASC`, `DESC`. Default value: `DESC` Example: `"DESC"`
`filter` (query parameter)	string	SCIM filter expression for result filtering as defined in RFC 7644. Supports operators: `eq` (equals), `co` (contains), `gt` (greater than), `lt` (less than), `ge` (greater than or equal), `le` (less than or equal). Filterable fields: `severity`, `hasEvent`, `cveTitle`, `cveName`, `applicationName`, `tierName`, `packageLanguage`, `status`, `packageCanonicalName`, `kennascore`, `riskScore`, `environment`, `servicename`. Field names are case-insensitive. Example: `"severity eq CRITICAL"`
`max` (query parameter)	integer	Maximum number of results per page for pagination. Controls the size of the result set returned. Must be a valid integer. Default value: `10` Example: `25`
`offset` (query parameter)	integer	Number of results to skip for pagination. Used to retrieve subsequent pages of results. Must be a valid integer. Default value: `0` Example: `0`
`applicationId` (query parameter)	integer	Global application filter to restrict output to a specific application. Use `appdApplicationId` value from previous API responses to filter vulnerabilities by application context. Example: `12345`
`tierId` (query parameter)	integer	Global tier filter to restrict output to a specific tier. Use `appdTierId` value from previous API responses to filter vulnerabilities by tier context. Example: `67890`

Responses

Code 200

Successfully retrieved paginated list of vulnerabilities with total count and items array:

{
  "items": [
    {
      "active_internet_breach": true,
      "affectedNodeCount": 0,
      "appdApplicationId": 0,
      "appdTierId": 0,
      "applicationId": "string",
      "applicationName": "string",
      "attackSummaryId": "string",
      "cveId": "string",
      "cveName": "string",
      "cvePublishDate": "string",
      "cveTitle": "string",
      "cweName": "string",
      "easily_exploitable": true,
      "firstSeenAt": "string",
      "hasAttacks": true,
      "hasEvent": true,
      "hasObservations": true,
      "incidentId": "string",
      "kennaScore": 0,
      "lastSeenAt": "string",
      "libraryId": "string",
      "malware_exploitable": true,
      "packageCanonicalName": "string",
      "packageId": "string",
      "packageLanguage": "string",
      "popular_target": true,
      "predicted_exploitable": true,
      "remediation": "string",
      "remote_code_execution": true,
      "riskScore": 0,
      "severity": "string",
      "status": "Unknown",
      "tierId": "string",
      "tierName": "string"
    }
  ],
  "total": 0
}

Code 400

Bad Request - Invalid query parameters, invalid time format, unsupported SCIM filter expressions, or invalid sort fields:

{
  "error": "string"
}

Code 500

Internal Server Error:

{
  "error": "string"
}

Get Vulnerability Details

Returns detailed information about a specific vulnerability identified by its CVE ID UUID. Provides comprehensive vulnerability details including CVE classification, severity assessment, affected applications/tiers, package information, risk scoring, and remediation guidance. Use this endpoint to retrieve complete information about a specific security vulnerability incident.

GET controller/argento/public-api/v1/vulnerabilities/{cveId}

Parameters


Name	Type	Description
`cveId` (path parameter, required)	string	CVE ID in UUID format for retrieving specific vulnerability details. Must be a valid UUID. Example: `"a1b2c3d4-e5f6-7890-abcd-ef1234567890"`

Responses

Code 200

Successfully retrieved detailed vulnerability information:

{
  "createdAt": "string",
  "cveId": "string",
  "cveTitle": "string",
  "cvss3BaseScore": 0,
  "cvss3VectorString": "string",
  "cweName": "string",
  "description": "string",
  "kenna": {
    "active_internet_breach": true,
    "easily_exploitable": true,
    "malware_exploitable": true,
    "popular_target": true,
    "predicted_exploitable": true,
    "remote_code_execution": true,
    "risk_score_meter": 0
  },
  "name": "string",
  "nvdUrl": "string",
  "publishDate": "string",
  "remediation": "string",
  "severity": "string",
  "updatedAt": "string"
}

Code 400

Bad Request - Invalid or malformed UUID format:

{
  "error": "string"
}

Code 404

Resource not found - Vulnerability not found for the specified CVE ID:

{
  "error": "string"
}

Code 500

Internal Server Error:

{
  "error": "string"
}

Get Tier Nodes

Retrieve a paginated list of nodes for a specific tier with optional SCIM filtering and sorting capabilities. Returns node details including security status, agent counts, and metadata.

GET controller/argento/public-api/v1/tiers/{tierId}/nodes

Parameters


Name	Type	Description
`tierId` (path parameter, required)	string	Tier ID (UUID format) to retrieve nodes for. Must be a valid UUID.
`date` (query parameter)	string	Date and time in RFC3339 format for temporal filtering. Supports both UTC and local timezone offsets. Future dates are rejected with 'date is in the future' error. Example: `"2021-01-30T08:30:00-08:00"`
`max` (query parameter)	integer	Maximum number of items to return per page. Must be a valid integer. Default value: `10`
`offset` (query parameter)	integer	Number of items to skip for pagination. Must be a valid integer. Default value: `0`
`sort` (query parameter)	string	Field name to sort results by. Available fields: `nodejvmid`, `nodesecurityenabled`, `nodesecurityenabledcomputed`, `countapmactive`, `countsupportedagent`, `countsecured`, `countsecurityenabled`, `countready`, `appdnodeagenttype`, `appdnodeagentversion`, `lastactivity`, `lastdependencyreported`. Field names are case-insensitive. Example: `"nodejvmid"`
`order` (query parameter)	string	Sort order for results. Must be 'ASC' for ascending or 'DESC' for descending order. Default value: `"DESC"`
`filter` (query parameter)	string	SCIM filter expression for result filtering. Supports operators: `eq` (equals), `co` (contains). Filterable fields: `nodejvmid`, `nodesecurityenabled`, `nodesecurityenabledcomputed`, `countapmactive`, `countsupportedagent`, `countsecured`, `countsecurityenabled`, `countready`, `appdnodeagenttype`. Field names are case-insensitive. Example: `"nodejvmid eq "java-node-1""`

Responses

Code 200

Successfully retrieved nodes list:

{
  "items": [
    {
      "appdApplicationId": 0,
      "appdNodeId": 0,
      "appdTierId": 0,
      "applicationId": "string",
      "countApmActive": 0,
      "countReady": 0,
      "countSecured": 0,
      "countSecurityEnabled": 0,
      "countSupportedAgent": 0,
      "id": "string",
      "nodeAppdNodeAgentType": "string",
      "nodeAppdNodeAgentVersion": "string",
      "nodeCreatedAt": "string",
      "nodeJvmId": "string",
      "nodeLastCheckinAt": "string",
      "nodeLastDependencyReportAt": "string",
      "nodeSecurityEnabled": true,
      "nodeSecurityEnabledComputed": true,
      "tierId": "string"
    }
  ],
  "total": 0
}

Code 400

Bad Request - Invalid query parameters, malformed SCIM filter expression, or validation error:

{
  "error": "string"
}

Code 500

Internal Server Error:

{
  "error": "string"
}

Update the Security Status for an Application

Updates the securityEnabled status for a specific application based on the provided resource ID.

PATCH controller/argento/public-api/v1/applications/{resourceId}

Parameters


Name	Type	Description
`resourceId`	string	Resource ID of the application (UUID format). Required.
`body`	object	JSON body containing the `securityEnabled` status. Required. Example: `{ "securityEnabled": true }`

Responses

Code 204

Successful update, no content.

Code 400

Invalid request (such as missing or invalid parameters):

{
  "error": "string"
}

Code 404

Resource not found:

{
  "error": "string"
}

Code 500

Internal server error:

{
  "error": "string"
}

Update the Security Status for a Node

Update the security enablement status for a specific application, tier, or node resource. This endpoint supports updating the securityEnabled flag for different resource types based on the route path used.

PATCH controller/argento/public-api/v1/nodes/{resourceId}

Parameters


Name	Type	Description
`resourceId` (path parameter, required)	string	Resource ID (UUID format) of the application, tier, or node to update. Must be a valid UUID.
Request Body (required)	object	JSON body containing the security enablement status. The `securityEnabled` field accepts boolean values (true/false) or null. Example: `{ "securityEnabled": true }`

Responses

Code 204

Successfully updated resource security settings.

Code 400

Bad Request - Invalid resource ID format, missing request body, or validation error:

{
  "error": "string"
}

Code 500

Internal Server Error:

{
  "error": "string"
}

Update the Security Status for a Tier

PATCH controller/argento/public-api/v1/tiers/{resourceId}

Parameters


Name	Type	Description
`resourceId` (path parameter, required)	string	Resource ID (UUID format) of the application, tier, or node to update. Must be a valid UUID.
Request Body (required)	object	JSON body containing the security enablement status. The `securityEnabled` field accepts boolean values (true/false) or null. Example: `{ "securityEnabled": true }`

Responses

Code 204

Successfully updated resource security settings.

Code 400

Bad Request - Invalid resource ID format, missing request body, or validation error:

{
  "error": "string"
}

Code 500

Internal Server Error:

{
  "error": "string"
}

Download Swagger YAML Specification

Download the Swagger YAML specification.