Sync all API Endpoint Vulnerabilities
To send us data related to API endpoint vulnerabilities. Note that you must first sync VulnerableComponent resources before sending us this data, and this sync should reference the uniqueId field in the VulnerableComponent resource.
This call replaces ALL existing ApiEndpointVulnerabilityConnectors resources for the given app and source_id - this is a “state of the world” sync. In other words, if a ApiEndpointVulnerabilityConnectors resource is sent for a user in a previous sync_all call, but is not included in a later sync_all call for that customer, it is assumed to no longer exist and is deleted in Vanta.
** Headers **
Authorization: Bearer <access_token>
** Scopes **
connectors.self:write-resource
** Schema **
Expand the resources array below for the schema of ApiEndpointVulnerabilityConnectors.
curl --request PUT \
--url https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"resourceId": "<string>",
"resources": [
{
"displayName": "<string>",
"uniqueId": "<string>",
"externalUrl": "<string>",
"occurrences": [
{
"description": "<string>",
"fromUrl": "<string>",
"queryParams": [
{
"key": "<string>",
"value": "<string>"
}
],
"headers": [
{
"key": "<string>",
"value": "<string>"
}
],
"body": "<string>"
}
],
"severity": 123,
"vulnerableComponentUniqueId": "<string>",
"description": "<string>",
"remediationInstructions": "<string>",
"url": "<string>",
"httpMethod": "<string>",
"cveId": "<string>",
"cvss3Vector": "<string>",
"cvss3Score": 123
}
]
}
'import requests
url = "https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors"
payload = {
"resourceId": "<string>",
"resources": [
{
"displayName": "<string>",
"uniqueId": "<string>",
"externalUrl": "<string>",
"occurrences": [
{
"description": "<string>",
"fromUrl": "<string>",
"queryParams": [
{
"key": "<string>",
"value": "<string>"
}
],
"headers": [
{
"key": "<string>",
"value": "<string>"
}
],
"body": "<string>"
}
],
"severity": 123,
"vulnerableComponentUniqueId": "<string>",
"description": "<string>",
"remediationInstructions": "<string>",
"url": "<string>",
"httpMethod": "<string>",
"cveId": "<string>",
"cvss3Vector": "<string>",
"cvss3Score": 123
}
]
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.put(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'PUT',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
resourceId: '<string>',
resources: [
{
displayName: '<string>',
uniqueId: '<string>',
externalUrl: '<string>',
occurrences: [
{
description: '<string>',
fromUrl: '<string>',
queryParams: [{key: '<string>', value: '<string>'}],
headers: [{key: '<string>', value: '<string>'}],
body: JSON.stringify('<string>')
}
],
severity: 123,
vulnerableComponentUniqueId: '<string>',
description: '<string>',
remediationInstructions: '<string>',
url: '<string>',
httpMethod: '<string>',
cveId: '<string>',
cvss3Vector: '<string>',
cvss3Score: 123
}
]
})
};
fetch('https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "PUT",
CURLOPT_POSTFIELDS => json_encode([
'resourceId' => '<string>',
'resources' => [
[
'displayName' => '<string>',
'uniqueId' => '<string>',
'externalUrl' => '<string>',
'occurrences' => [
[
'description' => '<string>',
'fromUrl' => '<string>',
'queryParams' => [
[
'key' => '<string>',
'value' => '<string>'
]
],
'headers' => [
[
'key' => '<string>',
'value' => '<string>'
]
],
'body' => '<string>'
]
],
'severity' => 123,
'vulnerableComponentUniqueId' => '<string>',
'description' => '<string>',
'remediationInstructions' => '<string>',
'url' => '<string>',
'httpMethod' => '<string>',
'cveId' => '<string>',
'cvss3Vector' => '<string>',
'cvss3Score' => 123
]
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors"
payload := strings.NewReader("{\n \"resourceId\": \"<string>\",\n \"resources\": [\n {\n \"displayName\": \"<string>\",\n \"uniqueId\": \"<string>\",\n \"externalUrl\": \"<string>\",\n \"occurrences\": [\n {\n \"description\": \"<string>\",\n \"fromUrl\": \"<string>\",\n \"queryParams\": [\n {\n \"key\": \"<string>\",\n \"value\": \"<string>\"\n }\n ],\n \"headers\": [\n {\n \"key\": \"<string>\",\n \"value\": \"<string>\"\n }\n ],\n \"body\": \"<string>\"\n }\n ],\n \"severity\": 123,\n \"vulnerableComponentUniqueId\": \"<string>\",\n \"description\": \"<string>\",\n \"remediationInstructions\": \"<string>\",\n \"url\": \"<string>\",\n \"httpMethod\": \"<string>\",\n \"cveId\": \"<string>\",\n \"cvss3Vector\": \"<string>\",\n \"cvss3Score\": 123\n }\n ]\n}")
req, _ := http.NewRequest("PUT", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.put("https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"resourceId\": \"<string>\",\n \"resources\": [\n {\n \"displayName\": \"<string>\",\n \"uniqueId\": \"<string>\",\n \"externalUrl\": \"<string>\",\n \"occurrences\": [\n {\n \"description\": \"<string>\",\n \"fromUrl\": \"<string>\",\n \"queryParams\": [\n {\n \"key\": \"<string>\",\n \"value\": \"<string>\"\n }\n ],\n \"headers\": [\n {\n \"key\": \"<string>\",\n \"value\": \"<string>\"\n }\n ],\n \"body\": \"<string>\"\n }\n ],\n \"severity\": 123,\n \"vulnerableComponentUniqueId\": \"<string>\",\n \"description\": \"<string>\",\n \"remediationInstructions\": \"<string>\",\n \"url\": \"<string>\",\n \"httpMethod\": \"<string>\",\n \"cveId\": \"<string>\",\n \"cvss3Vector\": \"<string>\",\n \"cvss3Score\": 123\n }\n ]\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Put.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"resourceId\": \"<string>\",\n \"resources\": [\n {\n \"displayName\": \"<string>\",\n \"uniqueId\": \"<string>\",\n \"externalUrl\": \"<string>\",\n \"occurrences\": [\n {\n \"description\": \"<string>\",\n \"fromUrl\": \"<string>\",\n \"queryParams\": [\n {\n \"key\": \"<string>\",\n \"value\": \"<string>\"\n }\n ],\n \"headers\": [\n {\n \"key\": \"<string>\",\n \"value\": \"<string>\"\n }\n ],\n \"body\": \"<string>\"\n }\n ],\n \"severity\": 123,\n \"vulnerableComponentUniqueId\": \"<string>\",\n \"description\": \"<string>\",\n \"remediationInstructions\": \"<string>\",\n \"url\": \"<string>\",\n \"httpMethod\": \"<string>\",\n \"cveId\": \"<string>\",\n \"cvss3Vector\": \"<string>\",\n \"cvss3Score\": 123\n }\n ]\n}"
response = http.request(request)
puts response.read_body{
"success": true
}Authorizations
The access token received from the authorization server in the OAuth 2.0 flow.
Body
List of resources to sync
Vanta generated identifier for the given resource, and can be found on the developer console page. See the list of registered resources and their IDs on https://app.vanta.com/settings/developer-console/<app_id>?tab=resources
Show child attributes
Show child attributes
Response
The current resources synced.
Was this page helpful?
curl --request PUT \
--url https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"resourceId": "<string>",
"resources": [
{
"displayName": "<string>",
"uniqueId": "<string>",
"externalUrl": "<string>",
"occurrences": [
{
"description": "<string>",
"fromUrl": "<string>",
"queryParams": [
{
"key": "<string>",
"value": "<string>"
}
],
"headers": [
{
"key": "<string>",
"value": "<string>"
}
],
"body": "<string>"
}
],
"severity": 123,
"vulnerableComponentUniqueId": "<string>",
"description": "<string>",
"remediationInstructions": "<string>",
"url": "<string>",
"httpMethod": "<string>",
"cveId": "<string>",
"cvss3Vector": "<string>",
"cvss3Score": 123
}
]
}
'import requests
url = "https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors"
payload = {
"resourceId": "<string>",
"resources": [
{
"displayName": "<string>",
"uniqueId": "<string>",
"externalUrl": "<string>",
"occurrences": [
{
"description": "<string>",
"fromUrl": "<string>",
"queryParams": [
{
"key": "<string>",
"value": "<string>"
}
],
"headers": [
{
"key": "<string>",
"value": "<string>"
}
],
"body": "<string>"
}
],
"severity": 123,
"vulnerableComponentUniqueId": "<string>",
"description": "<string>",
"remediationInstructions": "<string>",
"url": "<string>",
"httpMethod": "<string>",
"cveId": "<string>",
"cvss3Vector": "<string>",
"cvss3Score": 123
}
]
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.put(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'PUT',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
resourceId: '<string>',
resources: [
{
displayName: '<string>',
uniqueId: '<string>',
externalUrl: '<string>',
occurrences: [
{
description: '<string>',
fromUrl: '<string>',
queryParams: [{key: '<string>', value: '<string>'}],
headers: [{key: '<string>', value: '<string>'}],
body: JSON.stringify('<string>')
}
],
severity: 123,
vulnerableComponentUniqueId: '<string>',
description: '<string>',
remediationInstructions: '<string>',
url: '<string>',
httpMethod: '<string>',
cveId: '<string>',
cvss3Vector: '<string>',
cvss3Score: 123
}
]
})
};
fetch('https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "PUT",
CURLOPT_POSTFIELDS => json_encode([
'resourceId' => '<string>',
'resources' => [
[
'displayName' => '<string>',
'uniqueId' => '<string>',
'externalUrl' => '<string>',
'occurrences' => [
[
'description' => '<string>',
'fromUrl' => '<string>',
'queryParams' => [
[
'key' => '<string>',
'value' => '<string>'
]
],
'headers' => [
[
'key' => '<string>',
'value' => '<string>'
]
],
'body' => '<string>'
]
],
'severity' => 123,
'vulnerableComponentUniqueId' => '<string>',
'description' => '<string>',
'remediationInstructions' => '<string>',
'url' => '<string>',
'httpMethod' => '<string>',
'cveId' => '<string>',
'cvss3Vector' => '<string>',
'cvss3Score' => 123
]
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"strings"
"net/http"
"io"
)
func main() {
url := "https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors"
payload := strings.NewReader("{\n \"resourceId\": \"<string>\",\n \"resources\": [\n {\n \"displayName\": \"<string>\",\n \"uniqueId\": \"<string>\",\n \"externalUrl\": \"<string>\",\n \"occurrences\": [\n {\n \"description\": \"<string>\",\n \"fromUrl\": \"<string>\",\n \"queryParams\": [\n {\n \"key\": \"<string>\",\n \"value\": \"<string>\"\n }\n ],\n \"headers\": [\n {\n \"key\": \"<string>\",\n \"value\": \"<string>\"\n }\n ],\n \"body\": \"<string>\"\n }\n ],\n \"severity\": 123,\n \"vulnerableComponentUniqueId\": \"<string>\",\n \"description\": \"<string>\",\n \"remediationInstructions\": \"<string>\",\n \"url\": \"<string>\",\n \"httpMethod\": \"<string>\",\n \"cveId\": \"<string>\",\n \"cvss3Vector\": \"<string>\",\n \"cvss3Score\": 123\n }\n ]\n}")
req, _ := http.NewRequest("PUT", url, payload)
req.Header.Add("Authorization", "Bearer <token>")
req.Header.Add("Content-Type", "application/json")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}HttpResponse<String> response = Unirest.put("https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"resourceId\": \"<string>\",\n \"resources\": [\n {\n \"displayName\": \"<string>\",\n \"uniqueId\": \"<string>\",\n \"externalUrl\": \"<string>\",\n \"occurrences\": [\n {\n \"description\": \"<string>\",\n \"fromUrl\": \"<string>\",\n \"queryParams\": [\n {\n \"key\": \"<string>\",\n \"value\": \"<string>\"\n }\n ],\n \"headers\": [\n {\n \"key\": \"<string>\",\n \"value\": \"<string>\"\n }\n ],\n \"body\": \"<string>\"\n }\n ],\n \"severity\": 123,\n \"vulnerableComponentUniqueId\": \"<string>\",\n \"description\": \"<string>\",\n \"remediationInstructions\": \"<string>\",\n \"url\": \"<string>\",\n \"httpMethod\": \"<string>\",\n \"cveId\": \"<string>\",\n \"cvss3Vector\": \"<string>\",\n \"cvss3Score\": 123\n }\n ]\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://api.vanta.com/v1/resources/api_endpoint_vulnerability_connectors")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Put.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"resourceId\": \"<string>\",\n \"resources\": [\n {\n \"displayName\": \"<string>\",\n \"uniqueId\": \"<string>\",\n \"externalUrl\": \"<string>\",\n \"occurrences\": [\n {\n \"description\": \"<string>\",\n \"fromUrl\": \"<string>\",\n \"queryParams\": [\n {\n \"key\": \"<string>\",\n \"value\": \"<string>\"\n }\n ],\n \"headers\": [\n {\n \"key\": \"<string>\",\n \"value\": \"<string>\"\n }\n ],\n \"body\": \"<string>\"\n }\n ],\n \"severity\": 123,\n \"vulnerableComponentUniqueId\": \"<string>\",\n \"description\": \"<string>\",\n \"remediationInstructions\": \"<string>\",\n \"url\": \"<string>\",\n \"httpMethod\": \"<string>\",\n \"cveId\": \"<string>\",\n \"cvss3Vector\": \"<string>\",\n \"cvss3Score\": 123\n }\n ]\n}"
response = http.request(request)
puts response.read_body{
"success": true
}