Findings

This document uses the REST API. For more details, see the Authentication for API page.

List findings for a test. (Early Access)

get

List findings for a test.

Required permissions

View Organization (org.read)

Authorizations

AuthorizationstringRequired

API key value must be prefixed with "Token ".

Path parameters

org_idstring · uuidRequired

The org id

test_idstring · uuidRequired

The test id

Query parameters

versionstringRequired

The API version requested.

starting_afterstringOptional

Opaque pagination cursor for forward traversal.

ending_beforestringOptional

Opaque pagination cursor for reverse traversal.

limitinteger · int8 · min: 1 · max: 100Optional

The number of items to return.

Default: 10

Header parameters

snyk-request-idstring · uuidOptional

A unique ID assigned to each API request, for tracing and troubleshooting.

Snyk clients can optionally provide this ID.

snyk-interaction-idstring · min: 36 · max: 128Optional

Identifies the Snyk client interaction in which this API request occurs.

The identifier is an opaque string. though at the time of writing it may either be a uuid or a urn containing a uuid and some metadata.

Responses

200

Successful API response for a paginated collection.

application/vnd.api+json

400

Invalid input

application/vnd.api+json

get

/orgs/{org_id}/tests/{test_id}/findings

GET /rest/orgs/{org_id}/tests/{test_id}/findings?version=text HTTP/1.1
Host: api.snyk.io
Authorization: YOUR_API_KEY
Accept: */*

{
  "data": [
    {
      "attributes": {
        "cause_of_failure": false,
        "description": "text",
        "evidence": [
          {
            "path": [
              {
                "name": "my-app:1.0.0",
                "version": "log4j:2.4.1"
              }
            ],
            "source": "dependency_path"
          }
        ],
        "finding_type": "sca",
        "key": "text",
        "locations": [
          {
            "package": {
              "name": "log4j",
              "version": "2.4.1"
            },
            "type": "package"
          }
        ],
        "policy_modifications": [
          {
            "pointer": "/rating/severity",
            "policy": "local_policy",
            "prior": "low",
            "reason": "CWE-123 poses an elevated risk to workloads exposed to the public internet"
          }
        ],
        "problems": [
          {
            "id": "CWE-943",
            "source": "cwe"
          },
          {
            "default_configuration": {
              "severity": "high"
            },
            "help": {
              "markdown": "help text goes here"
            },
            "id": "javascript/NoSqli",
            "name": "NoSqli",
            "properties": {
              "categories": [
                "Security"
              ],
              "cwe": [
                "CWE-943"
              ],
              "example_commit_descriptions": [],
              "example_commit_fixes": [],
              "precision": "very-high",
              "repo_dataset_size": 30,
              "tags": [
                "javascript",
                "NoSqli"
              ]
            },
            "short_description": {
              "text": "NoSQL Injection"
            },
            "source": "snyk_code_rule"
          }
        ],
        "rating": {
          "severity": "critical"
        },
        "risk": {
          "risk_score": {
            "value": 1
          }
        },
        "suppression": {
          "created_at": "2025-12-24T13:44:31.084Z",
          "expires_at": "2025-12-24T13:44:31.084Z",
          "justification": "text",
          "path": [
            "text"
          ],
          "policy": "local_policy",
          "skipIfFixable": true,
          "status": "ignored"
        },
        "title": "text"
      },
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "links": {
        "snyk_advisory": "https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2314720",
        "snyk_learn": "https://learn.snyk.io/lesson/csrf-attack/"
      },
      "relationships": {
        "asset": {
          "data": {
            "id": "123e4567-e89b-12d3-a456-426614174000",
            "type": "text"
          },
          "links": {
            "related": "https://example.com"
          },
          "meta": {
            "ANY_ADDITIONAL_PROPERTY": "anything"
          }
        },
        "fix": {
          "data": {
            "attributes": {
              "action": {
                "format": "upgrade_package_advice",
                "package_name": "lodash",
                "upgrade_paths": [
                  {
                    "dependency_path": [
                      {
                        "name": "lodash",
                        "version": "2.1.1"
                      },
                      {
                        "name": "minimist",
                        "version": "4.7.6"
                      }
                    ],
                    "is_drop": false
                  }
                ]
              },
              "outcome": "fully_resolved"
            },
            "id": "123e4567-e89b-12d3-a456-426614174000",
            "type": "text"
          }
        },
        "org": {
          "data": {
            "id": "123e4567-e89b-12d3-a456-426614174000",
            "type": "text"
          }
        },
        "policy": {
          "data": {
            "attributes": {
              "policies": [
                {
                  "applied_policy": {
                    "action_type": "severity-change",
                    "policy_ref": {
                      "id": "123e4567-e89b-12d3-a456-426614174000",
                      "owner": "org"
                    },
                    "rule": {
                      "created": "2025-12-24T13:44:31.084Z",
                      "id": "123e4567-e89b-12d3-a456-426614174000",
                      "modified": "2025-12-24T13:44:31.084Z",
                      "name": "text",
                      "review": "approved"
                    },
                    "severity_change": {
                      "new_severity": "critical",
                      "original_severity": "critical"
                    }
                  },
                  "id": "123e4567-e89b-12d3-a456-426614174000",
                  "type": "legacy_policy_snapshot"
                }
              ]
            },
            "id": "123e4567-e89b-12d3-a456-426614174000",
            "type": "text"
          },
          "links": {
            "related": "https://example.com"
          },
          "meta": {
            "ANY_ADDITIONAL_PROPERTY": "anything"
          }
        },
        "test": {
          "data": {
            "id": "123e4567-e89b-12d3-a456-426614174000",
            "type": "text"
          },
          "links": {
            "related": "https://example.com"
          },
          "meta": {
            "ANY_ADDITIONAL_PROPERTY": "anything"
          }
        }
      },
      "type": "findings"
    }
  ],
  "jsonapi": {
    "version": "1.0"
  },
  "links": {
    "first": "https://example.com",
    "last": "https://example.com",
    "next": "https://example.com",
    "prev": "https://example.com",
    "self": "https://example.com"
  },
  "meta": {
    "ANY_ADDITIONAL_PROPERTY": "anything"
  }
}

PreviousExport NextGroup

Last updated 3 months ago

Was this helpful?

{ "data": [ { "attributes": { "cause_of_failure": false, "description": "text", "evidence": [ { "path": [ { "name": "my-app:1.0.0", "version": "log4j:2.4.1" } ], "source": "dependency_path" } ], "finding_type": "sca", "key": "text", "locations": [ { "package": { "name": "log4j", "version": "2.4.1" }, "type": "package" } ], "policy_modifications": [ { "pointer": "/rating/severity", "policy": "local_policy", "prior": "low", "reason": "CWE-123 poses an elevated risk to workloads exposed to the public internet" } ], "problems": [ { "id": "CWE-943", "source": "cwe" }, { "default_configuration": { "severity": "high" }, "help": { "markdown": "help text goes here" }, "id": "javascript/NoSqli", "name": "NoSqli", "properties": { "categories": [ "Security" ], "cwe": [ "CWE-943" ], "example_commit_descriptions": [], "example_commit_fixes": [], "precision": "very-high", "repo_dataset_size": 30, "tags": [ "javascript", "NoSqli" ] }, "short_description": { "text": "NoSQL Injection" }, "source": "snyk_code_rule" } ], "rating": { "severity": "critical" }, "risk": { "risk_score": { "value": 1 } }, "suppression": { "created_at": "2025-12-24T13:44:31.084Z", "expires_at": "2025-12-24T13:44:31.084Z", "justification": "text", "path": [ "text" ], "policy": "local_policy", "skipIfFixable": true, "status": "ignored" }, "title": "text" }, "id": "123e4567-e89b-12d3-a456-426614174000", "links": { "snyk_advisory": "https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2314720", "snyk_learn": "https://learn.snyk.io/lesson/csrf-attack/" }, "relationships": { "asset": { "data": { "id": "123e4567-e89b-12d3-a456-426614174000", "type": "text" }, "links": { "related": "https://example.com" }, "meta": { "ANY_ADDITIONAL_PROPERTY": "anything" } }, "fix": { "data": { "attributes": { "action": { "format": "upgrade_package_advice", "package_name": "lodash", "upgrade_paths": [ { "dependency_path": [ { "name": "lodash", "version": "2.1.1" }, { "name": "minimist", "version": "4.7.6" } ], "is_drop": false } ] }, "outcome": "fully_resolved" }, "id": "123e4567-e89b-12d3-a456-426614174000", "type": "text" } }, "org": { "data": { "id": "123e4567-e89b-12d3-a456-426614174000", "type": "text" } }, "policy": { "data": { "attributes": { "policies": [ { "applied_policy": { "action_type": "severity-change", "policy_ref": { "id": "123e4567-e89b-12d3-a456-426614174000", "owner": "org" }, "rule": { "created": "2025-12-24T13:44:31.084Z", "id": "123e4567-e89b-12d3-a456-426614174000", "modified": "2025-12-24T13:44:31.084Z", "name": "text", "review": "approved" }, "severity_change": { "new_severity": "critical", "original_severity": "critical" } }, "id": "123e4567-e89b-12d3-a456-426614174000", "type": "legacy_policy_snapshot" } ] }, "id": "123e4567-e89b-12d3-a456-426614174000", "type": "text" }, "links": { "related": "https://example.com" }, "meta": { "ANY_ADDITIONAL_PROPERTY": "anything" } }, "test": { "data": { "id": "123e4567-e89b-12d3-a456-426614174000", "type": "text" }, "links": { "related": "https://example.com" }, "meta": { "ANY_ADDITIONAL_PROPERTY": "anything" } } }, "type": "findings" } ], "jsonapi": { "version": "1.0" }, "links": { "first": "https://example.com", "last": "https://example.com", "next": "https://example.com", "prev": "https://example.com", "self": "https://example.com" }, "meta": { "ANY_ADDITIONAL_PROPERTY": "anything" } }