Servers
Mock server
https://panorays-papi-v2-documentation.redocly.app/_mock/swagger
https://api.panoraysapp.com

Supplier

Use these routes to access and update your suppliers.

Request

This endpoint will return data and information about findings in the portfolio.

Security: bearer

Query

limit: number [ 1 .. 200 ]

Number of records to return in the response

Default: 200

sortBy: string

Name of the field to sort by

Enum: "status", "asset_name", "test_name", "insert_ts", "update_ts"

sortDirection: string

The direction of the field sort specified by sortBy

Enum: "ASC", "asc", "1", "DESC", "desc", "-1"

next_token: string

Token received from a previous request to obtain the next chunk of data

fields: string

Fields to include in response

Enum: "id", "status", "severity", "asset_name", "category", "sub_category", "test_text", "test_name", "finding_text", "description"

status: Array of strings

Status of the finding(s)

severity: Array of strings

Severity of the finding(s)

asset_name: Array of strings

Asset of finding(s)

id: Array of strings

Id of the finding(s)

sub_category: Array of strings

Sub category of finding(s)

segments: Array of strings

Ids of segments of finding(s)

test_name: Array of strings

curl -i -X GET \
  'https://panorays-papi-v2-documentation.redocly.app/_mock/swagger/v2/findings?limit=200&sortBy=status&sortDirection=ASC&next_token=string&fields=id&status=string&severity=string&asset_name=string&id=string&sub_category=string&segments=string&test_name=string' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

All found findings are returned.

Body: application/json

Array [
status: string, required
Enum: "OPEN", "DONE"
severity: string, required
Enum: "LOW", "MEDIUM", "HIGH", "CRITICAL"
id: string, required
metadata: object, required
cves: Array of strings, required
asset_name: string, required
category: string, required
sub_category: string, required
test_text: string, required
finding_text: string, required
description: string, required
insert_ts: string, required
update_ts: string, required
test_name: string, required
segments: Array of strings, required
]

Response
application/json
[ { "status": "OPEN", "severity": "LOW", "id": "string", "metadata": {}, "cves": [ … ], "asset_name": "string", "category": "string", "sub_category": "string", "test_text": "string", "finding_text": "string", "description": "string", "insert_ts": "string", "update_ts": "string", "test_name": "string", "segments": [ … ] } ]
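
One way to wrap this endpoint on the client side, as an added example rather than Panorays code: it rejects query values outside the documented ranges before they are sent, and checks each returned record against the documented response schema before ranking OPEN findings by severity. The function names, the sample records and the repeated-key encoding of array filters are assumptions.

```python
import json
from urllib.parse import urlencode

# Constraints copied from the GET /v2/findings parameter and response tables.
SORT_BY = {"status", "asset_name", "test_name", "insert_ts", "update_ts"}
SORT_DIRECTION = {"ASC", "asc", "1", "DESC", "desc", "-1"}
STATUS = {"OPEN", "DONE"}
SEVERITY = ["LOW", "MEDIUM", "HIGH", "CRITICAL"]  # ascending, index = rank
REQUIRED = {"status", "severity", "id", "metadata", "cves", "asset_name",
            "category", "sub_category", "test_text", "finding_text",
            "description", "insert_ts", "update_ts", "test_name", "segments"}

def build_query(limit=200, sort_by=None, sort_direction=None, **filters):
    """Build the query string, rejecting values outside the documented ranges."""
    if type(limit) is not int or not 1 <= limit <= 200:
        raise ValueError("limit must be an integer in 1..200")
    if sort_by is not None and sort_by not in SORT_BY:
        raise ValueError(f"unsupported sortBy: {sort_by!r}")
    if sort_direction is not None and sort_direction not in SORT_DIRECTION:
        raise ValueError(f"unsupported sortDirection: {sort_direction!r}")
    params = {"limit": limit, "sortBy": sort_by, "sortDirection": sort_direction, **filters}
    # Assumption: array filters (status, severity, ...) are sent as repeated keys.
    return urlencode({k: v for k, v in params.items() if v is not None}, doseq=True)

def open_findings(body):
    """Validate a full response (no `fields` projection); return OPEN findings, worst first."""
    records = json.loads(body)
    if not isinstance(records, list):
        raise ValueError("expected a JSON array of findings")
    for rec in records:
        if not isinstance(rec, dict) or REQUIRED.difference(rec):
            raise ValueError(f"record does not match the documented schema: {rec!r}")
        if rec["status"] not in STATUS or rec["severity"] not in SEVERITY:
            raise ValueError(f"unexpected status/severity in finding {rec['id']!r}")
    todo = [r for r in records if r["status"] == "OPEN"]
    return sorted(todo, key=lambda r: SEVERITY.index(r["severity"]), reverse=True)

def sample_finding(fid, status, severity, cves=()):
    """Constructed sample record; every value here is made up for the example."""
    rec = dict.fromkeys(REQUIRED - {"metadata", "cves", "segments"}, "example")
    rec.update(id=fid, status=status, severity=severity, metadata={}, cves=list(cves), segments=[])
    return rec

SAMPLE_BODY = json.dumps([sample_finding("f-1", "OPEN", "LOW"),
                          sample_finding("f-2", "DONE", "CRITICAL"),
                          sample_finding("f-3", "OPEN", "HIGH", ["CVE-0000-00000"])])

if __name__ == "__main__":
    print(build_query(limit=50, status=["OPEN"]), [f["id"] for f in open_findings(SAMPLE_BODY)])
```
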

Request

This endpoint will return a CSV with information about findings in the portfolio.

Security: bearer

Path

supplierId: string, required

Id of the supplier

Query

lang: string

Report language (en|ja)

Enum: "en", "ja"

curl -i -X GET \
  'https://panorays-papi-v2-documentation.redocly.app/_mock/swagger/v2/suppliers/{supplierId}/report/findings?lang=en' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Report has been found

Request

This endpoint will return data and information about a supplier’s specific finding.

Security: bearer

Path

supplierId: string, required

Id of the supplier

findingId: string, required

Finding id to fetch

Query

fields: string

Fields to include in response

Enum: "id", "status", "severity", "asset_name", "category", "sub_category", "test_text", "test_name", "finding_text", "description"

curl -i -X GET \
  'https://panorays-papi-v2-documentation.redocly.app/_mock/swagger/v2/suppliers/{supplierId}/findings/{findingId}?fields=id' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Found supplier finding by id.

Tags

Tag actions (Create, Delete, Get, Update) apply to company tags only. Tags can’t be updated via the supplier endpoint, as they may link to multiple suppliers. When a company tag is updated/deleted, all associated suppliers are automatically updated — no separate supplier update is needed.

Webhooks Intro

The hook API provides a simple way to register for events that happen with your suppliers.

Getting Started

The following steps will walk you through the process of registering and reacting to webhooks.

  1. Register an API token

If you don’t already have an API token, you can generate one through the Panorays platform or contact Panorays Support at support@panorays.com.

  2. Register your app

Before you can start receiving events, register your application with Panorays using the Handshake API call.

  3. Subscribe to relevant events

You will only receive event calls for events you subscribe to using the Subscribe API call.
Note: You can unsubscribe at any time using the Unsubscribe API call.

  4. Start receiving events

You're done! From now on, you will receive notifications for every event you subscribed to.

To learn how to secure your app and ensure you handle events only from Panorays, read about Verifying requests.

Verify Requests

Panorays signs every request with a secret that's unique to your service account. Using this secret, you can verify that the incoming request arrived from Panorays servers.
