package main
import(
"context"
"github.com/conductorone/conductorone-sdk-go/pkg/models/shared"
conductoronesdkgo "github.com/conductorone/conductorone-sdk-go"
"github.com/conductorone/conductorone-sdk-go/pkg/models/operations"
"log"
)
func main() {
ctx := context.Background()
s := conductoronesdkgo.New(
conductoronesdkgo.WithSecurity(shared.Security{
BearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
Oauth: "<YOUR_OAUTH_HERE>",
}),
)
res, err := s.Finding.UpdateFindingState(ctx, operations.C1APIFindingV1FindingServiceUpdateFindingStateRequest{
FindingID: "<id>",
})
if err != nil {
log.Fatal(err)
}
if res.UpdateFindingStateResponse != nil {
// handle response
}
}import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript";
const conductoroneSDKTypescript = new ConductoroneSDKTypescript({
security: {
bearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
oauth: "<YOUR_OAUTH_HERE>",
},
});
async function run() {
const result = await conductoroneSDKTypescript.finding.updateFindingState({
findingId: "<id>",
});
console.log(result);
}
run();curl --request POST \
--url https://{tenantDomain}.conductor.one/api/v1/findings/{finding_id}/state \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"acceptRisk": {
"expiresAt": "2023-11-07T05:31:56Z",
"justification": "<string>"
},
"reopen": {},
"resolve": {
"reason": "<string>"
},
"snooze": {
"reason": "<string>",
"snoozeUntil": "2023-11-07T05:31:56Z"
},
"suppress": {
"reason": "<string>"
},
"unsuppress": {}
}
'import requests
url = "https://{tenantDomain}.conductor.one/api/v1/findings/{finding_id}/state"
payload = {
"acceptRisk": {
"expiresAt": "2023-11-07T05:31:56Z",
"justification": "<string>"
},
"reopen": {},
"resolve": { "reason": "<string>" },
"snooze": {
"reason": "<string>",
"snoozeUntil": "2023-11-07T05:31:56Z"
},
"suppress": { "reason": "<string>" },
"unsuppress": {}
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
acceptRisk: {expiresAt: '2023-11-07T05:31:56Z', justification: '<string>'},
reopen: {},
resolve: {reason: '<string>'},
snooze: {reason: '<string>', snoozeUntil: '2023-11-07T05:31:56Z'},
suppress: {reason: '<string>'},
unsuppress: {}
})
};
fetch('https://{tenantDomain}.conductor.one/api/v1/findings/{finding_id}/state', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{tenantDomain}.conductor.one/api/v1/findings/{finding_id}/state",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'acceptRisk' => [
'expiresAt' => '2023-11-07T05:31:56Z',
'justification' => '<string>'
],
'reopen' => [
],
'resolve' => [
'reason' => '<string>'
],
'snooze' => [
'reason' => '<string>',
'snoozeUntil' => '2023-11-07T05:31:56Z'
],
'suppress' => [
'reason' => '<string>'
],
'unsuppress' => [
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}HttpResponse<String> response = Unirest.post("https://{tenantDomain}.conductor.one/api/v1/findings/{finding_id}/state")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"acceptRisk\": {\n \"expiresAt\": \"2023-11-07T05:31:56Z\",\n \"justification\": \"<string>\"\n },\n \"reopen\": {},\n \"resolve\": {\n \"reason\": \"<string>\"\n },\n \"snooze\": {\n \"reason\": \"<string>\",\n \"snoozeUntil\": \"2023-11-07T05:31:56Z\"\n },\n \"suppress\": {\n \"reason\": \"<string>\"\n },\n \"unsuppress\": {}\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://{tenantDomain}.conductor.one/api/v1/findings/{finding_id}/state")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"acceptRisk\": {\n \"expiresAt\": \"2023-11-07T05:31:56Z\",\n \"justification\": \"<string>\"\n },\n \"reopen\": {},\n \"resolve\": {\n \"reason\": \"<string>\"\n },\n \"snooze\": {\n \"reason\": \"<string>\",\n \"snoozeUntil\": \"2023-11-07T05:31:56Z\"\n },\n \"suppress\": {\n \"reason\": \"<string>\"\n },\n \"unsuppress\": {}\n}"
response = http.request(request)
puts response.read_body{
"finding": {
"appId": "<string>",
"appUserTarget": {
"appId": "<string>",
"appUserId": "<string>"
},
"assignedOwner": {
"appOwnerAppId": "<string>",
"identityUserId": "<string>",
"managerOfUserId": "<string>",
"userSetId": "<string>"
},
"computedOwner": {
"appOwnerAppId": "<string>",
"identityUserId": "<string>",
"managerOfUserId": "<string>",
"userSetId": "<string>"
},
"createdAt": "2023-11-07T05:31:56Z",
"customTags": {},
"decoyCredentialUsed": {
"decoyId": "<string>"
},
"decoyTarget": {
"decoyId": "<string>"
},
"fingerprint": "<string>",
"firstObservedAt": "2023-11-07T05:31:56Z",
"id": "<string>",
"identityUserTarget": {
"identityUserId": "<string>"
},
"lastObservedAt": "2023-11-07T05:31:56Z",
"recurrenceCount": 123,
"remediationDescription": "<string>",
"resolvedAt": "2023-11-07T05:31:56Z",
"riskAcceptanceExpiresAt": "2023-11-07T05:31:56Z",
"riskAcceptanceJustification": "<string>",
"riskScore": {
"originalScore": 123,
"overrideByUserId": "<string>",
"overrideScore": 123,
"riskFactors": [
{
"description": "<string>",
"name": "<string>",
"weight": 123
}
],
"score": 123,
"systemScore": 123
},
"serviceAccountMisclassification": {},
"serviceAccountMisclassificationEvidence": {
"detectionReason": "<string>"
},
"similarUsernameMatch": {
"proposedIdentityUserId": "<string>"
},
"similarUsernameMatchEvidence": {
"appUsername": "<string>",
"identityUsername": "<string>",
"similarityScore": 123
},
"snoozeReason": "<string>",
"snoozeUntil": "2023-11-07T05:31:56Z",
"sourceDetectorId": "<string>",
"stateUpdatedById": "<string>",
"suppressReason": "<string>",
"taskId": "<string>",
"updatedAt": "2023-11-07T05:31:56Z"
}
}Update Finding State
Update finding workflow state (snooze, accept risk, suppress, reopen, resolve).
package main
import(
"context"
"github.com/conductorone/conductorone-sdk-go/pkg/models/shared"
conductoronesdkgo "github.com/conductorone/conductorone-sdk-go"
"github.com/conductorone/conductorone-sdk-go/pkg/models/operations"
"log"
)
func main() {
ctx := context.Background()
s := conductoronesdkgo.New(
conductoronesdkgo.WithSecurity(shared.Security{
BearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
Oauth: "<YOUR_OAUTH_HERE>",
}),
)
res, err := s.Finding.UpdateFindingState(ctx, operations.C1APIFindingV1FindingServiceUpdateFindingStateRequest{
FindingID: "<id>",
})
if err != nil {
log.Fatal(err)
}
if res.UpdateFindingStateResponse != nil {
// handle response
}
}import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript";
const conductoroneSDKTypescript = new ConductoroneSDKTypescript({
security: {
bearerAuth: "<YOUR_BEARER_TOKEN_HERE>",
oauth: "<YOUR_OAUTH_HERE>",
},
});
async function run() {
const result = await conductoroneSDKTypescript.finding.updateFindingState({
findingId: "<id>",
});
console.log(result);
}
run();curl --request POST \
--url https://{tenantDomain}.conductor.one/api/v1/findings/{finding_id}/state \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"acceptRisk": {
"expiresAt": "2023-11-07T05:31:56Z",
"justification": "<string>"
},
"reopen": {},
"resolve": {
"reason": "<string>"
},
"snooze": {
"reason": "<string>",
"snoozeUntil": "2023-11-07T05:31:56Z"
},
"suppress": {
"reason": "<string>"
},
"unsuppress": {}
}
'import requests
url = "https://{tenantDomain}.conductor.one/api/v1/findings/{finding_id}/state"
payload = {
"acceptRisk": {
"expiresAt": "2023-11-07T05:31:56Z",
"justification": "<string>"
},
"reopen": {},
"resolve": { "reason": "<string>" },
"snooze": {
"reason": "<string>",
"snoozeUntil": "2023-11-07T05:31:56Z"
},
"suppress": { "reason": "<string>" },
"unsuppress": {}
}
headers = {
"Authorization": "Bearer <token>",
"Content-Type": "application/json"
}
response = requests.post(url, json=payload, headers=headers)
print(response.text)const options = {
method: 'POST',
headers: {Authorization: 'Bearer <token>', 'Content-Type': 'application/json'},
body: JSON.stringify({
acceptRisk: {expiresAt: '2023-11-07T05:31:56Z', justification: '<string>'},
reopen: {},
resolve: {reason: '<string>'},
snooze: {reason: '<string>', snoozeUntil: '2023-11-07T05:31:56Z'},
suppress: {reason: '<string>'},
unsuppress: {}
})
};
fetch('https://{tenantDomain}.conductor.one/api/v1/findings/{finding_id}/state', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://{tenantDomain}.conductor.one/api/v1/findings/{finding_id}/state",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'acceptRisk' => [
'expiresAt' => '2023-11-07T05:31:56Z',
'justification' => '<string>'
],
'reopen' => [
],
'resolve' => [
'reason' => '<string>'
],
'snooze' => [
'reason' => '<string>',
'snoozeUntil' => '2023-11-07T05:31:56Z'
],
'suppress' => [
'reason' => '<string>'
],
'unsuppress' => [
]
]),
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>",
"Content-Type: application/json"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}HttpResponse<String> response = Unirest.post("https://{tenantDomain}.conductor.one/api/v1/findings/{finding_id}/state")
.header("Authorization", "Bearer <token>")
.header("Content-Type", "application/json")
.body("{\n \"acceptRisk\": {\n \"expiresAt\": \"2023-11-07T05:31:56Z\",\n \"justification\": \"<string>\"\n },\n \"reopen\": {},\n \"resolve\": {\n \"reason\": \"<string>\"\n },\n \"snooze\": {\n \"reason\": \"<string>\",\n \"snoozeUntil\": \"2023-11-07T05:31:56Z\"\n },\n \"suppress\": {\n \"reason\": \"<string>\"\n },\n \"unsuppress\": {}\n}")
.asString();require 'uri'
require 'net/http'
url = URI("https://{tenantDomain}.conductor.one/api/v1/findings/{finding_id}/state")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Post.new(url)
request["Authorization"] = 'Bearer <token>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"acceptRisk\": {\n \"expiresAt\": \"2023-11-07T05:31:56Z\",\n \"justification\": \"<string>\"\n },\n \"reopen\": {},\n \"resolve\": {\n \"reason\": \"<string>\"\n },\n \"snooze\": {\n \"reason\": \"<string>\",\n \"snoozeUntil\": \"2023-11-07T05:31:56Z\"\n },\n \"suppress\": {\n \"reason\": \"<string>\"\n },\n \"unsuppress\": {}\n}"
response = http.request(request)
puts response.read_body{
"finding": {
"appId": "<string>",
"appUserTarget": {
"appId": "<string>",
"appUserId": "<string>"
},
"assignedOwner": {
"appOwnerAppId": "<string>",
"identityUserId": "<string>",
"managerOfUserId": "<string>",
"userSetId": "<string>"
},
"computedOwner": {
"appOwnerAppId": "<string>",
"identityUserId": "<string>",
"managerOfUserId": "<string>",
"userSetId": "<string>"
},
"createdAt": "2023-11-07T05:31:56Z",
"customTags": {},
"decoyCredentialUsed": {
"decoyId": "<string>"
},
"decoyTarget": {
"decoyId": "<string>"
},
"fingerprint": "<string>",
"firstObservedAt": "2023-11-07T05:31:56Z",
"id": "<string>",
"identityUserTarget": {
"identityUserId": "<string>"
},
"lastObservedAt": "2023-11-07T05:31:56Z",
"recurrenceCount": 123,
"remediationDescription": "<string>",
"resolvedAt": "2023-11-07T05:31:56Z",
"riskAcceptanceExpiresAt": "2023-11-07T05:31:56Z",
"riskAcceptanceJustification": "<string>",
"riskScore": {
"originalScore": 123,
"overrideByUserId": "<string>",
"overrideScore": 123,
"riskFactors": [
{
"description": "<string>",
"name": "<string>",
"weight": 123
}
],
"score": 123,
"systemScore": 123
},
"serviceAccountMisclassification": {},
"serviceAccountMisclassificationEvidence": {
"detectionReason": "<string>"
},
"similarUsernameMatch": {
"proposedIdentityUserId": "<string>"
},
"similarUsernameMatchEvidence": {
"appUsername": "<string>",
"identityUsername": "<string>",
"similarityScore": 123
},
"snoozeReason": "<string>",
"snoozeUntil": "2023-11-07T05:31:56Z",
"sourceDetectorId": "<string>",
"stateUpdatedById": "<string>",
"suppressReason": "<string>",
"taskId": "<string>",
"updatedAt": "2023-11-07T05:31:56Z"
}
}Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the c1TokenSource.Token() function.
Path Parameters
The ID of the finding whose state to update.
Body
The UpdateFindingStateRequest message.
This message contains a oneof named action. Only a single field of the following list may be set at a time:
- snooze
- suppress
- acceptRisk
- unsuppress
- resolve
- reopen
AcceptRiskAction parameters for UpdateFindingState.
Show child attributes
Show child attributes
ReopenAction parameters for UpdateFindingState.
ResolveAction parameters for UpdateFindingState (manual resolve).
Show child attributes
Show child attributes
SnoozeAction parameters for UpdateFindingState.
Show child attributes
Show child attributes
SuppressStateAction parameters for UpdateFindingState.
Show child attributes
Show child attributes
UnsuppressAction parameters for UpdateFindingState.
Response
Successful response
The UpdateFindingStateResponse message.
The Finding message.
This message contains a oneof named finding_type. Only a single field of the following list may be set at a time:
- similarUsernameMatch
- serviceAccountMisclassification
- decoyCredentialUsed
This message contains a oneof named target. Only a single field of the following list may be set at a time:
- identityUserTarget
- appUserTarget
- decoyTarget
This message contains a oneof named evidence. Only a single field of the following list may be set at a time:
- similarUsernameMatchEvidence
- serviceAccountMisclassificationEvidence
Show child attributes
Show child attributes
Was this page helpful?