Description: Creates a new Watch.
Notes: For Xray version 3.21.2 and above with Projects, a Project Admin with Manage Security Assets privilege can create a Watch using this REST API in the scope of a project, by using the additional query parameter projectKey. A Watch can include both Global and Project Policies.
Security: Requires the "Manage Watches" role to be set on the User or Group level.
Usage: POST /xray/api/v2/watches
Consumes: application/json
Produces: application/json
Path parameters: None
Query Parameters:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| string | optional | Project key for scoped updates |
Request Body:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| required | General data for the Watch | |
| optional | Resources the watch is applied on. It may be omitted only if | |
| array[string] | optional | Email addresses to receive Watch notifications |
| array[AssignedPolicyObj] | optional | Policies assigned to the Watch |
| boolean | optional | Indicates whether Jira ticket creation is enabled |
| string | optional | Jira profile for ticket generation |
| optional | Ticket generation settings for the Watch |
GeneralDataObj:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| string | required | Name of the Watch |
| string | optional | Description of the Watch |
| boolean | optional | Indicates if the Watch is active or not. Default:
|
ProjectResourcesObj:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| array[ResourceObj] | required | Resources to watch and associated Policies |
ResourceObj:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| string | required | Type of the resource. Valid values: |
| string | optional | Type of repository. Valid values: |
| string | optional | The build/bundle repository - relevant only if it under project. Valid values: <projectKey>-build-info, <projectKey>-release-bundles-v2 |
| string | optional | Binary manager ID. Omit or set to default. |
| string | required | Name of the resource |
| array[FilterObj] | optional | Filters to apply to the resource. |
FilterObj:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| string | required | Type of the filter. The acceptable filter type depends on the resource type. For the resource types repository and all-repos:
For the resource types all-builds,
For the resource types
|
| varies | required | Value of the filter, whose type depends on the filter type. |
For | |||
PatternObj | required | arrays of ant-style include and exclude path patterns. | |
For | |||
string | required | A regular expression string. | |
For | |||
string | required | One of the following package types: | |
For | |||
string | required | A MIME-type string. | |
For | |||
KeyValueObj | required | A custom property's key-value pair. | |
PatternObj:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| array[string] | optional | arrays of ant-style include path patterns. |
| array[string] | optional | arrays of ant-style exclude path patterns. |
KeyValueObj:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| string | required | The key name of a custom property's key-value pair. |
| string | required | The value of a custom property's key-value pair. |
AssignedPolicyObj:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| string | required | Name of the policy |
| string | required | Type of the policy (e.g., security, license) Acceptable values: security, license, operational_risk |
TicketGenerationObj:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| optional | Settings for creating duplicate tickets | |
| optional | Mapping of impact path profiles | |
| boolean | optional | Specifies whether Jira tickets should also be created for policy violations that have been marked as ignored in Xray. |
DuplicateTicketCreationObj:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| optional | Settings for creating duplicate tickets by version |
VersionTicketSettingsObj:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| boolean | optional | Indicates whether duplicate tickets are created for builds |
| boolean | optional | Indicates whether duplicate tickets are created for packages |
| boolean | optional | Indicates whether duplicate tickets are created for release bundles |
ImpactPathProfileMappingObj:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| array[IncludeObj] | optional | Settings for mapping impact paths to JIRA profiles |
IncludeObj:
Name | Type | Required/Optional | Description |
|---|---|---|---|
| string | required | Impact path profile |
| string | required | Pattern for the impact path corresponding to profile |
Response Body
Name | Type | Description |
|---|---|---|
| string | Success info message |
| string | Error message text |
Response Codes
Status code | Description |
|---|---|
201 | Success - Watch has been successfully created |
415 | Failed to parse request |
400 | Invalid Watch |
403 | No permission for Watch |
409 | Watch already exists |
500 | Failed to create Watch |
Example Requests
Example 1 - Watch a Repository
{
"general_data": {
"name": "example1-watch",
"description": "This is an example watch #1",
"active": true
},
"project_resources": {
"resources": [
{
"type": "repository",
"bin_mgr_id": "default",
"name": "libs-release-local",
"filters": [
{
"type": "regex",
"value": ".*"
}
]
}
]
},
"assigned_policies": [
{
"name": "medium_vuln_policy",
"type": "security"
}
],
"watch_recipients":["mymail@acme.com","sec@acme.com"]
}
Example 2 - Watch All Repositories
{
"general_data": {
"name": "all-repositories",
"description": "This is a new watch for all repositories",
"active": true
},
"project_resources": {
"resources": [
{
"type": "all-repos",
"filters": [
{
"type": "package-type",
"value": "Docker"
},
{
"type": "package-type",
"value": "Debian"
}
]
}
]
},
"assigned_policies": [
{
"name": "critial_issues",
"type": "security"
}
],
"watch_recipients":["mymail@acme.com","umac@youremail.com"]
}
Example 3 - Watch a Build
{
"general_data": {
"name": "specific-build-watch",
"description": "This is a new watch for a specific build",
"active": true
},
"project_resources": {
"resources": [
{
"type": "build",
"name": "release-pipeline"
}
]
},
"assigned_policies": [
{
"name": "critial_issues",
"type": "security"
},
{
"name": "block_policy",
"type": "security"
}
],
"watch_recipients":["mymail@acme.com","umac@youremail.com"]
}
Example 4- Watch all Builds
{
"general_data": {
"name": "build-watch",
"description": "This is a new watch created using API V2",
"active": true
},
"project_resources": {
"resources": [
{
"type": "all-builds",
"filters": [
{
"type": "ant-patterns",
"value":{
"ExcludePatterns": ["a*","b*"],
"IncludePatterns": ["ab*"]
}
}
]
}
]
},
"assigned_policies": [
{
"name": "test-license-policy-allowed-12956",
"type": "license"
}
],
"watch_recipients":["mymail@acme.com","umac@youremail.com"]
}
Example 5 - Watch a Release Bundle V2
{
"general_data": {
"name": "specific-bundle-watch",
"active": true
},
"project_resources": {
"resources": [
{
"type": "releaseBundleV2",
"bin_mgr_id": "default",
"name": "release-pipeline"
}
]
},
"assigned_policies": [
{
"name": "block_policy",
"type": "security"
}
]
}
Example 6 - Watch all Release Bundle V2
{
"general_data": {
"name": "bundles-watch",
"active": true
},
"project_resources": {
"resources": [
{
"type": "all-releaseBundlesV2",
"bin_mgr_id": "default"
}
]
},
"assigned_policies": [
{
"name": "test-license-policy-allowed-12956",
"type": "license"
}
]
}
Example 7 - Watch Projects by Project Key
{
"general_data": {
"name": "single_project_watch",
"description": "This is a new watch for single project",
"active": true
},
"project_resources": {
"resources": [
{
"type": "project",
"name": "myproject"
}
]
},
"assigned_policies": [
{
"name": "medium_policy",
"type": "security"
}
],
"watch_recipients": [
"mymaila@acme.com",
"umac@youremail.com"
]
}
Example 8 - Watch All Projects
{
"general_data": {
"name": "vuln-prod",
"description": "This is a new watch created using API V2",
"active": true
},
"project_resources": {
"resources": [
{
"type": "all-projects"
}
]
}
],
"assigned_policies": [
{
"name": "medium_policy",
"type": "security"
}
],
"watch_recipients":["mymail@acme.com","umac@youremail.com"]
}
Example 9 - Watch Projects with Include/Exclude Patterns on all Projects
{
"general_data": {
"name": "vuln-prod",
"description": "This is a new watch created using API V2",
"active": true
},
"project_resources": {
"resources": [
{
"type": "all-projects",
"bin_mgr_id": "default",
"filters": [
{
"type": "ant-patterns",
"value": {
"ExcludePatterns": [
"a*",
"b*"
],
"IncludePatterns": [
"ab*"
]
}
}
]
}
]
},
"assigned_policies": [
{
"name": "medium_policy",
"type": "security"
}
],
"watch_recipients": [
"mymail@acme.com",
"umac@youremail.com"
]
}
Example 10 - Create Watch with Jira Integration Enabled on multiple resource types
{
"general_data": {
"name": "example-watch",
"active": true,
"description": "This is an example watch"
},
"project_resources": {
"resources": [
{
"type": "repository",
"name": "docker-local",
"filters": [
{
"type": "path-ant-patterns",
"value": {
"IncludePatterns": [
"***"
],
"ExcludePatterns": [
"**b*"
]
}
},
{
"type": "package-type",
"value": "Docker"
}
],
"repo_type": "local"
},
{
"type": "releaseBundle",
"name": "example-build"
},
{
"type": "build",
"name": "example-rb",
"build_repo": "builds"
},
{
"type": "releaseBundleV2",
"name": "example-rbv2",
"build_repo": "release-bundles-v2"
}
]
},
"assigned_policies": [
{
"name": "demo-security",
"type": "security"
}
],
"watch_recipients": [
"mymail@acme.com"
],
"create_ticket_enabled": true,
"ticket_profile": "Profile-example",
"ticket_generation": {
"create_duplicate_tickets": {
"by_version": {
"build": true,
"package": true,
"release_bundle": true
}
},
"impact_path_profiles_mapping": {
"include": [
{
"profile": "ProjectA-profile",
"pattern": "*a/*"
},
{
"profile": "ProjectB-profile",
"pattern": "*b/*"
}
]
}
}
}
Example 11 - Create a Watch in the Project Scope
POST /xray/api/v2/watches?projectKey=myproject
Example 12 - Watch a specific Git Repository
{
"general_data": {
"name": "example-watch",
"description": "Watch git repository",
"active": true
},
"project_resources": {
"resources": [
{
"bin_mgr_id": "default",
"type": "gitRepository",
"name": "github.com/my-org/my-git-repo.git"
}
]
},
"assigned_policies": [
{
"bin_mgr_id": "default",
"name": "my_git_policy",
"type": "security"
}
]
}
Example 13 - Watch a Git Organization excluding a specific repository
{
"general_data": {
"name": "example-watch",
"description": "Watch git organization excluding a specific repository",
"active": true
},
"project_resources": {
"resources": [
{
"bin_mgr_id": "default",
"type": "gitRepository",
"name": "github.com/my-org",
"filters": [
{
"type": "ant-patterns",
"value": {
"ExcludePatterns": [
"github.com/my-org/repo-to-exclude.git"
]
}
}
]
}
]
},
"assigned_policies": [
{
"name": "my_git_policy",
"type": "security"
}
]
}
Example Responses
Successful response:
201 Created
{
"info": "Watch has been successfully created"
}
Error Response:
409 Conflict
{
"error": "Watch already exists"
}