StackHawk Documentation StackHawk Logo HawkDocs
api
profile scans
list profile scan results

No results found

Try different keywords or check your spelling

Search documentation

Find guides, API references, and more

esc

List profile scan results

GET /api/v1/app/{appId}/profile/results/list

Retrieves a paginated list of profile scan results for an application.

Requires read:scan permission.

Path parameters

appIdstring · uuidrequired

UUID identifier for this StackHawk Application.

Query parameters

limitinteger · int32

Maximum number of results to return (default 10, max 50).

default: 10

Response

OK

application/json
profileScanResults
scanresults.ProfileScanResult[]
Hide child attributesShow child attributes
profileScanResults.assets
scanresults.AssetInventory
Hide child attributesShow child attributes
profileScanResults.assets.assetSummary
scanresults.AssetSummary
Hide child attributesShow child attributes
profileScanResults.assets.assetSummary.dynamicContent
scanresults.AssetCategoryCount
Hide child attributesShow child attributes
profileScanResults.assets.assetSummary.dynamicContent.count
integer<int32>
profileScanResults.assets.assetSummary.dynamicContent.sampleUrls
string[]
profileScanResults.assets.assetSummary.dynamicContent.totalSizeBytes
integer<int64>
profileScanResults.assets.assetSummary.scripts
scanresults.AssetCategoryCount
Hide child attributesShow child attributes
profileScanResults.assets.assetSummary.scripts.count
integer<int32>
profileScanResults.assets.assetSummary.scripts.sampleUrls
string[]
profileScanResults.assets.assetSummary.scripts.totalSizeBytes
integer<int64>
profileScanResults.assets.assetSummary.staticMedia
scanresults.AssetCategoryCount
Hide child attributesShow child attributes
profileScanResults.assets.assetSummary.staticMedia.count
integer<int32>
profileScanResults.assets.assetSummary.staticMedia.sampleUrls
string[]
profileScanResults.assets.assetSummary.staticMedia.totalSizeBytes
integer<int64>
profileScanResults.assets.buildStrategy
enum<string>

Build analysis

4 available options
BUILD_SINGLE_BUNDLEBUILD_VENDOR_APP_SPLITBUILD_CODE_SPLIT_OPTIMIZEDBUILD_STRATEGY_UNKNOWN
profileScanResults.assets.optimizationNotes
string[]
profileScanResults.assets.totalAssets
integer<int32>

Summary

profileScanResults.assets.totalSizeBytes
integer<int64>
profileScanResults.authConfigPresent
boolean
profileScanResults.authMarkers
scanresults.AuthMarker[]

Authentication markers detected

Hide child attributesShow child attributes
profileScanResults.authMarkers.confidence
enum<string>
3 available options
AUTH_CONFIDENCE_LOWAUTH_CONFIDENCE_MEDIUMAUTH_CONFIDENCE_HIGH
profileScanResults.authMarkers.evidence
string
profileScanResults.authMarkers.signals
scanresults.AuthSignal[]
Hide child attributesShow child attributes
profileScanResults.authMarkers.signals.detail
string
profileScanResults.authMarkers.signals.signalType
enum<string>
8 available options
SIGNAL_PATH_PATTERNSIGNAL_STATUS_CODE_401_403SIGNAL_REDIRECT_TO_AUTHSIGNAL_LOGIN_FORM_DETECTEDSIGNAL_OAUTH_PROMPTSIGNAL_SESSION_COOKIESIGNAL_WWW_AUTHENTICATESIGNAL_CSRF_TOKEN
profileScanResults.authMarkers.type
enum<string>
6 available options
AUTH_LOGIN_FORMAUTH_REDIRECT_TO_AUTHAUTH_SESSION_COOKIEAUTH_OAUTH_ENDPOINTAUTH_WWW_AUTHENTICATEAUTH_PROTECTED_ENDPOINT
profileScanResults.classification
enum<string>

Application classification

5 available options
APP_SPA_WITH_AUTHAPP_API_WITH_AUTHAPP_PUBLIC_WEBSITEAPP_STATIC_SITEAPP_CLASSIFICATION_UNKNOWN
profileScanResults.discoveredOpenapiSpecPath
string

Path where OpenAPI/Swagger spec was discovered (e.g., "/api/v3/api-docs") Empty if no spec was discovered

profileScanResults.paths
scanresults.PathDiscovery
Hide child attributesShow child attributes
profileScanResults.paths.authProtectedCount
integer<int32>
profileScanResults.paths.dynamicCount
integer<int32>
profileScanResults.paths.samplesAuthProtected
scanresults.PathInfo[]
Hide child attributesShow child attributes
profileScanResults.paths.samplesAuthProtected.authEvidence
string
profileScanResults.paths.samplesAuthProtected.method
string
profileScanResults.paths.samplesAuthProtected.url
string
profileScanResults.paths.samplesDynamic
scanresults.PathInfo[]
Hide child attributesShow child attributes
profileScanResults.paths.samplesDynamic.authEvidence
string
profileScanResults.paths.samplesDynamic.method
string
profileScanResults.paths.samplesDynamic.url
string
profileScanResults.paths.samplesStatic
scanresults.PathInfo[]

Sample paths (up to 10 each for UI display)

Hide child attributesShow child attributes
profileScanResults.paths.samplesStatic.authEvidence
string
profileScanResults.paths.samplesStatic.method
string
profileScanResults.paths.samplesStatic.url
string
profileScanResults.paths.staticCount
integer<int32>
profileScanResults.paths.total
integer<int32>

Total counts

profileScanResults.recommendations
string[]

Actionable recommendations

profileScanResults.scanId
string
profileScanResults.score
enum<string>

Testability assessment

3 available options
TESTABILITY_HIGHTESTABILITY_MEDIUMTESTABILITY_LOW
profileScanResults.scoreReasons
string[]
profileScanResults.timestamp
integer<int64>

Unauthorized

Your privacy settings

We use first and third party cookies to ensure that we give you the best experience on our website and in our products.

Privacy Policy