Get scan alert message
GET /api/v1/scan/{scanId}/uri/{alertUriId}/messages/{messageId}
Scan Alert Messages
Provides the scan alert and message payloads (request and response) identified with the finding.
Alert Message Response
The overall container with details for this specific scan alert.
| Parameter | Default | Description |
|---|---|---|
| scanMessage | {} | The scan message container that holds request and response details. |
| uri | "" | The uri or path of the alert finding. |
| evidence | "" | The associated evidence of the alert finding. |
| otherInfo | "" | Additional info associated with this alert finding. |
| description | "" | The details of the alert finding. |
| param | "" | Parameters associated with this alert finding. |
| validationCommand | "" | The generated validation command (e.g., curl) to reproduce the request. |
| findingHash | "" | The SHA-256 finding hash — a stable identifier for this finding across scans. |
Validation Command
To include a validation command in the response, set the includeValidationCommand query parameter to true:
GET /api/v1/scan/{scanId}/uri/{alertUriId}/messages/{messageId}?includeValidationCommand=true
When enabled, the validationCommand field contains a formatted command that can be used to reproduce the request that triggered this finding. This command includes:
- The HTTP method (GET, POST, etc.)
- The full URL with the application host prepended to relative paths
- All request headers formatted as -H "Header: Value" flags
- The request body (if present) with proper shell escaping
This allows you to easily validate and reproduce findings by copying and pasting the command into your terminal.
Note: By default, includeValidationCommand is false and the validation command will not be generated.
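The validation command replays the recorded request headers, so it is worth checking before it is pasted into a terminal or a ticket. The following Python is an added example, not StackHawk's code: it tokenizes a validationCommand string without executing it, confirms it is a single curl invocation aimed at the expected application host, and masks secret-bearing header values. The function name, the sample commands, the host app.example.test, the -X and -d flags, and the list of sensitive headers are assumptions made for illustration.

```python
import shlex
from urllib.parse import urlsplit

SENSITIVE = {"authorization", "cookie", "x-api-key"}  # assumed secret-bearing headers
OPERATORS = set("();<>|&")

def audit_validation_command(command, expected_host):
    """Tokenize a validationCommand string (never execute it) and report issues."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    lexer.commenters = ""  # treat '#' as data, as shlex.split does
    tokens = list(lexer)
    issues = []
    if not tokens or tokens[0] != "curl":
        issues.append("not a curl invocation")
    # With punctuation_chars set, an operator outside quotes becomes its own token.
    # Conservative: a quoted argument made only of these characters is flagged too.
    if any(t and set(t) <= OPERATORS for t in tokens):
        issues.append("shell operator")
    if "`" in command or "$(" in command:
        issues.append("possible command substitution")
    url = next((t for t in tokens if t.startswith(("http://", "https://"))), None)
    if url is None or urlsplit(url).hostname != expected_host:
        issues.append("host mismatch")
    # Mask secret header values so the command can be shared in a ticket.
    redacted = list(tokens)
    for i in range(1, len(tokens)):
        name, sep, _ = tokens[i].partition(":")
        if tokens[i - 1] == "-H" and sep and name.strip().lower() in SENSITIVE:
            redacted[i] = f"{name}: [REDACTED]"
    return {"url": url, "issues": issues, "redacted": shlex.join(redacted)}

# Constructed sample values, not real scanner output.
GOOD = (
    "curl -X POST 'https://app.example.test/api/login' "
    '-H "Authorization: Bearer constructed-token" '
    '-H "Content-Type: application/json" '
    "-d '{\"user\":\"o'\\''brien\"}'"
)
BAD = "curl 'https://other.example.test/x' -H \"Accept: */*\"; echo injected"

if __name__ == "__main__":
    for cmd in (GOOD, BAD):
        print(audit_validation_command(cmd, "app.example.test"))
```

An empty issues list means the string parsed as one curl call to the expected host; the redacted form is re-quoted with shlex.join, so it remains a valid command with the secret values masked.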
Scan Message
The request sent and response received by the scanner.
| Parameter | Default | Description |
|---|---|---|
| id | "" | The unique identifier for the message. |
| requestHeader | "" | All request headers. |
| cookieParams | "" | All request cookies. |
| requestBody | "" | The request body. |
| responseHeader | "" | The response headers. |
| responseBody | "" | The response body. |
See the Scan Results Analysis guide for further details on how to use these endpoints.
Requires read:scan permission.
Path parameters
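| Parameter | Type | Required | Description |
|---|---|---|---|
| scanId | string · uuid | required | UUID identifier for this StackHawk Scan. |
| alertUriId | string | required | The unique id for the alert uri. |
| messageId | string | required | The unique id for the message. |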
Query parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
| includeValidationCommand | boolean | false | When true, includes a generated validation command (curl) in the response for reproducing the request. Default is false. |
Response
OK
| Parameter | Description |
|---|---|
| description | The details of the alert finding. |
| evidence | The associated evidence of the alert finding. |
| findingHash | The SHA-256 finding hash, a stable identifier for this finding across scans. |
| otherInfo | Additional info associated with this alert finding. |
| param | Parameters associated with this alert finding. |
| uri | The uri or path of the alert finding. |
| validationCommand | The generated validation command (e.g., curl) to reproduce the request. |
Unauthorized