Skip to content
/
Get suppliers tests

papi (2)

Panorays Public API

Download OpenAPI description
swagger.json
swagger.yaml
Overview
Support
support@panorays.com
Languages
Servers
Mock server
https://panorays-papi-v2-documentation.redocly.app/_mock/swagger
https://api.panoraysapp.com

Supplier

Use these routes to access and update your suppliers.

Operations

Delete supplier

Request

Delete a single supplier by id.

Security
bearer
Path
supplierIdstringrequired

Id of the supplier

Bodyapplication/jsonrequired
reasonstringrequired

Reason of supplier's removal

Enum"Supplier No Longer Required""Non-Compliance with Policy""Duplicate Supplier Entry""License Costs"
curl -i -X DELETE \
  'https://panorays-papi-v2-documentation.redocly.app/_mock/swagger/v2/suppliers/{supplierId}' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "reason": "Supplier No Longer Required"
  }'

Responses

Supplier deleted Or Supplier not found.

Get suppliers tests

Request

This endpoint will return data and information about the requested supplier’s tests performed as part of the evaluation.

Path
supplierIdstringrequired

Id of the supplier

Query
limitnumber[ 1 .. 200 ]

Number of records to return in the response

Default 200
sortByArray of strings

Name of the field to sort by

Items Enum"name""severity""category""category_text""sub_category""sub_category_text""criterion_text""open_findings_count""closed_findings_count"
sortDirectionstring

The direction of the field sort specified by sort_by

Enum"ASC""asc""1""DESC""desc""-1"
next_tokenstring

Token received from a previous request to obtain the next chunk of data

nameArray of strings

Tests will only contain specified name (all if none)

severityArray of strings

Tests will only contain specified severity (all if none)

Items Enum"info""low""medium""high""critical"
fieldsstring
Enum"name""severity""category""category_text""sub_category""sub_category_text""criterion_text""open_findings_count""closed_findings_count"
curl -i -X GET \
  'https://panorays-papi-v2-documentation.redocly.app/_mock/swagger/v2/suppliers/{supplierId}/tests?limit=200&sortBy=name&sortDirection=ASC&next_token=string&name=string&severity=info&fields=name'

Responses

Tests.

Bodyapplication/json
severitystringrequired
Enum"INFO""LOW""MEDIUM""HIGH""CRITICAL"
categorystringrequired

The key of category

category_textstringrequired

The text of category

sub_categorystringrequired

The key of sub category

sub_category_textstringrequired

The text of sub category

open_findings_countnumberrequired

-1 indicates that no tests were performed

closed_findings_countnumberrequired

-1 indicates that no tests were performed

idstringrequired
namestringrequired
criterion_textstringrequired
Response
application/json
{
  "severity": "INFO",
  "category": "string",
  "category_text": "string",
  "sub_category": "string",
  "sub_category_text": "string",
  "open_findings_count": 0,
  "closed_findings_count": 0,
  "id": "string",
  "name": "string",
  "criterion_text": "string"
}

Post supplier assets

Request

This endpoint will create assets of a supplier.

Path
supplierIdstringrequired

Id of the supplier

Bodyapplication/jsonrequired
assetsArray of stringsrequired

assets by name, e.g., "127.0.0.1", "panorays.com"

Example: ["127.0.0.10","panorays.com"]
curl -i -X POST \
  'https://panorays-papi-v2-documentation.redocly.app/_mock/swagger/v2/suppliers/{supplierId}/assets' \
  -H 'Content-Type: application/json' \
  -d '{
    "assets": [
      "127.0.0.10",
      "panorays.com"
    ]
  }'

Responses

Assets.

Bodyapplication/json
typestringrequired
Enum"DOMAIN""SUBDOMAIN""IP""IP_RANGE"
is_upbooleanrequired

Is the asset active or not

locationstringrequired

The asset location, two letter country code

domainsArray of strings or null

List of domains corresponding with the asset. Only for assets of type IP

ipsArray of strings or null

List of ips corresponding with the asset. Only for assets of type DOMAIN or SUBDOMAIN

asset_lifecyclestringrequired

Assets Lifecycle

dispute_statusstringrequired

Dispute status

discovery_originstringrequired

Asset discovery origin

namestringrequired
insert_tsstringrequired
Response
application/json
{
  "type": "DOMAIN",
  "is_up": true,
  "location": "string",
  "domains": [
    "string"
  ],
  "ips": [
    "string"
  ],
  "asset_lifecycle": "string",
  "dispute_status": "string",
  "discovery_origin": "string",
  "name": "string",
  "insert_ts": "string"
}

Segment

Operations

Posture

Operations

Portfolio

Operations

Asset

Operations

Finding

Operations

RemediationTasks

Operations

BusinessInformation

Operations

File

Operations

Questionnaire

Operations

RiskInsights

Operations

BusinessSnapshot

Operations

Relationship

Operations

Licenses

Operations

Templates

Operations

Activity Center

Operations

Tags

Tag actions (Create, Delete, Get, Update) apply to company tags only. Tags can’t be updated via the supplier endpoint, as they may link to multiple suppliers. When a company tag is updated/deleted, all associated suppliers are automatically updated — no separate supplier update is needed.

Operations

Factors

Operations

CyberNewsArticles

Operations

DarkWebMentions

Operations

ReEvaluation

Operations

Webhooks Intro

The hook api provides a simple way of registering to events that happen with your suppliers

Getting Started

The following steps will walk you through the process of registering and reacting to webhooks.

  1. Register an API token

If you don’t already have an API token, you can generate one through Panorays platform or contact Panorays Support at support@panorays.com.

  1. Register your app

Before you can start receiving events, register your application with Panorays using the Handshake API call.

  1. Subscribe to relevant events

You will only receive event calls for events you subscribe to using the Subscribe API call.
Note: You can unsubscribe at any time using the Unsubscribe API call.

  1. Start receiving events

You're done! From now on, you will receive notifications for every event you subscribed to.

To learn how to secure your app and ensure you handle events only from Panorays, read about Verifying requests.

Verify Requests

Panorays signs every request with a secret that's unique to your service account, using this secret you can verify that the incoming request arrived from Panorays servers.

Handshake

Operations

Subscription

Operations