Findings
REST API endpoints for listing, searching, and managing vulnerability findings.
Endpoints for querying and managing vulnerability findings imported from connected scanners.
GET
/api/v1/findings
Auth
List findings with pagination, filtering, and sorting. Supports filters for severity, status, source, asset, and date range.
GET
/api/v1/findings/{id}
Auth
Get a single finding by ID, including CVE references, severity, affected asset, and linked work items.
POST
/api/v1/findings
Auth
Create a finding manually. Typically findings are created automatically via scanner integrations.
PATCH
/api/v1/findings/{id}
Auth
Update a finding's status or severity.
Full schemas
Refer to /api/v1/openapi.json on your Basirah instance for exact request/response schemas,
required fields, and filter parameters.