Get Exposures Report Content

Xray REST APIs
Products
JFrog Xray
Content Type
REST API
ft:sourceType
Paligo

Description: Get specific content in an Exposures report.

Security: Requires a user with the Manage Reports role.

Usage: POST /xray/api/v1/reports/exposures/{id}

Produces: application/json

Path Parameters

Name

Type

Required/Optional

Description

id

int

Required

Requested report id

Pagination Query Parameters

Parameter

Description

direction

desc/asc

page_num

Number of pages to present

num_of_rows

Number of rows per page

order_by

Order of presentation

Response Body

Name

Type

Description

total_rows

int

Total number of rows

rows

object<Report Row>

Report row list

Report Row

Name

Type

Description

category

string

One of [secrets, services, applications, iac]

jfrog_severity

string

JFrog severity level.

exposure_id

string

The exposure id. i.e. EXP-1235-0001

description

string

The exposure description

file_path

string

The path of the file where the exposure was found

location

string

The exposure location within the file. i.e. "Line Number: 2" or "Offset: 0x01024a"

repository

string

The name of the repository where the Artifact is stored

impacted_artifact

string

The name of the Artifact

cwe

string

CWE i.e. CWE-256

evidence

string

The evidence that was found

origin

string

The scanner's origin. One of [jfrog, custom]

provider

string

Token provider (for token only)

token_validation

string

If the token validation feature is enabled, this would be the result if trying to authenticate the token with the provider. One of [Active, Inactive, Unsupported, Unavailable]

token_info

string

Token provider metadata.

Response Codes

Status Code

Description

200

OK

400

Bad request - Required fields are missing

403

Permission denied

404

Not found

500

Internal server error

Sample Request

{{base_url}}/xray/api/v1/reports/exposures/3?direction=asc&page_num=1&num_of_rows=10

Successful Response Sample

200 OK

{
    "total_rows": 2,
    "rows": [
        {
            "category": "secrets",
            "jfrog_severity": "high",
            "exposures_id": "EXP-1235-00001",
            "description": "Plaintext API keys found",
            "file_path": "/exposures/req.secret.keys.py",
            "location": "Line Number: 2",
            "repository": "louis-vv18-exposures-report",
            "impacted_artifact": "docker://xmas:regular_louis_f42172",
            "cwe": "CWE-256",
            "evidence": "SqcyD**********",
            "origin": "jfrog",
            "provider": "aws_access"
        },
        {
            "category": "secrets",
            "jfrog_severity": "high",
            "exposures_id": "EXP-1235-00002",
            "description": "Plaintext API keys found",
            "file_path": "/exposures/req.secret.keys.py",
            "location": "Line Number: 3",
            "repository": "louis-vv18-exposures-report",
            "impacted_artifact": "docker://xmas:regular_louis_f42172",
            "cwe": "CWE-256",
            "evidence": "gho_D**********",
            "origin": "jfrog",
            "provider": "github"
        }
    ]
}