List scan results
/api/v1/scan/{orgId} List Scans
This endpoint lists the latest scan results that belong to this organization. This endpoint is used to populate the scans page in the StackHawk Platform.
Scan Results are reported relative to a scanned application, and by default are sorted in order of the scan date.
Scan Results are returned paginated and can be requested with the pagination parameters.
The returned list of scans is filtered by the User's API Token Team membership.
Application Scan Results
Calling this endpoint will return paginated applicationScanResults. These scan results additionally correspond historically to the scanned application.
Each object includes the scan object with details of the underlying point-in-time scan.
The applicationAlerts field is always empty when returned by this endpoint.
The results of a run of HawkScan, contextual to a scanned application, and other previously triaged findings.
| Parameter | Default | Description |
|---|---|---|
| scan | {} | The results of the finished scan. |
| scanDuration | 0 | Time in seconds the scan took to run. |
| urlCount | 0 | The number of URLs scanned. |
| alertStats | {} | Alert statistics of this scan. |
| severityStats | [] | Recordings of scan counts made by severity and statistic. |
| configHash | "" | A hash of the configuration used for this run of HawkScan. |
| appHost | "" | The scanned host endpoint. |
| applicationAlerts | [] | Scan findings contextual to this application and run of HawkScan. |
| timestamp | 0 | Seconds since Unix epoch time of when this was run. |
| scanErrors | [] | Errors encountered from this run of HawkScan. |
| scanProgress | {} | Populated progress and scan detail. |
| percentComplete | 0 | Indicates completeness of a STARTED scan in the scan list. ERROR and COMPLETED scans report 100. |
| policyName | "" | Named scan policy used for this run of HawkScan. |
| externalAlertStats | [] | External finding statistics contextual to this scan result. |
| tags | [] | Any tags associated with this scan result. |
| metadata | {} | Any metadata associated with the scan. |
Scan
Represents the core elements of a single HawkScan run. Finished scans will include ScanResults, including alerts of findings contextual to the scanned application. The Scan also represents its current operational state (STARTED / COMPLETED / ERROR). For more information, see Scans.
| Parameter | Default | Description |
|---|---|---|
| id | "" | the UUID identifier of this scan |
| repoId | "" | a hash of the scanned repo git name |
| version | "" | the version of HawkScan used to scan this application |
| applicationId | "" | the UUID applicationId corresponding to the scanned application |
| externalUserId | "" | the UUID identifier of the StackHawk user that started this scan |
| env | "" | the name of the scanned environment |
| status | "UNKNOWN" | the current state of the running scan (STARTED / COMPLETED / ERROR) |
| applicationName | "" | the name of the corresponding scanned application |
| timestamp | 0 | seconds since unix epoch timestamp of when the scan was started |
| envId | "" | the UUID environmentId corresponding to the scanned environment |
| parentScanId | "" | If this scan is a result of a retest, this is the id of the scan it retested |
| metadata | {} | Metadata pertaining to the scan. |
| hawkScanType | "UNKNOWN" | The type of HawkScan execution (traditional, hosted, etc.) |
See the Scan Results Analysis guide for further details on how to use these endpoints.
Requires read:scan permission.
Path parameters
orgId (string · uuid, required): UUID identifier for this StackHawk Organization.
Query parameters
appIds (string[]): A comma-delimited list of UUID identifiers of StackHawk Applications.
envs (string[]): A comma-delimited list of environment names of StackHawk Applications to filter by.
teamIds (string[]): A comma-delimited list of UUID identifiers of StackHawk Teams to filter by.
start (integer · int64): Start date to limit results after, in milliseconds from epoch. Default: 0.
end (integer · int64): End date to limit results before, in milliseconds from epoch. Default: 0.
pageSize (integer · int32): Pagination response size limit. Default: 10.
pageToken (integer · int32): Pagination request page increment. Default: 0.
sortField (string): Resource field to sort paginated response by. Available options: id, name.
sortDir (string): Paginated results are sorted 'asc' or 'desc'. Available options: asc, desc.
applicationTypes (string[]): A list of Application Types. Default: ["STANDARD"].
tag (string[]): Tag filter in name:value format. Use | for OR (branch:main|develop). Use * for wildcard (branch:feat*). Repeat for AND.
Response
Paginated response of scan results.
found list of application scan results.
pageToken to provide for the next page of results.
total number of results.
Unauthorized
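The following is an added example, not code from the StackHawk documentation. It builds the query string from the parameters documented above (start/end in milliseconds, while result timestamps are in seconds), walks every page, and lists scans whose status is not COMPLETED. Assumptions: the HTTP request and authentication are left to a caller-supplied `fetch_page` function, `nextPageToken` is an assumed name for the response's next-page token, and the sample pages are constructed.

```python
from urllib.parse import urlencode, urlsplit, parse_qs

def build_scan_query(org_id, start=None, end=None, app_ids=(), envs=(),
                     tags=(), page_size=10, page_token=0):
    """Path and query string for GET /api/v1/scan/{orgId}."""
    params = [("pageSize", page_size), ("pageToken", page_token)]
    if app_ids:
        params.append(("appIds", ",".join(app_ids)))   # comma-delimited list
    if envs:
        params.append(("envs", ",".join(envs)))
    for name, when in (("start", start), ("end", end)):
        if when is not None:
            # start/end take milliseconds; result timestamps are in seconds.
            # Pass timezone-aware datetimes to avoid local-time surprises.
            params.append((name, int(when.timestamp() * 1000)))
    params += [("tag", t) for t in tags]                # repeated tag = AND
    return f"/api/v1/scan/{org_id}?" + urlencode(params)

def list_all_scans(fetch_page, org_id, **filters):
    """Collect every page; fetch_page(url) returns the decoded JSON body."""
    results, token = [], 0
    while token is not None:
        page = fetch_page(build_scan_query(org_id, page_token=token, **filters))
        batch = page.get("applicationScanResults", [])
        results.extend(batch)
        # "nextPageToken" is an assumed key name; stop on an empty page too
        token = page.get("nextPageToken") if batch else None
    return results

def unfinished_scans(results):
    """Scans whose status is not COMPLETED, so their findings are partial."""
    return [(r["scan"]["id"], r["scan"]["status"], r.get("percentComplete"))
            for r in results if r["scan"].get("status") != "COMPLETED"]

# Constructed sample pages (not real API output), keyed by pageToken.
SAMPLE_PAGES = {
    0: {"applicationScanResults": [
            {"scan": {"id": "scan-a", "status": "COMPLETED"}, "percentComplete": 100},
            {"scan": {"id": "scan-b", "status": "ERROR"}, "percentComplete": 100}],
        "nextPageToken": 1},
    1: {"applicationScanResults": [
            {"scan": {"id": "scan-c", "status": "STARTED"}, "percentComplete": 40}]},
}

def fake_fetch(url):
    """Offline stand-in for an authenticated HTTP GET."""
    token = int(parse_qs(urlsplit(url).query)["pageToken"][0])
    return SAMPLE_PAGES.get(token, {"applicationScanResults": []})

if __name__ == "__main__":
    print(unfinished_scans(list_all_scans(fake_fetch, "ORG-UUID-PLACEHOLDER", page_size=2)))
```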