As with most of Data Theorem’s APIs, you must create an API Key, and that API Key must be granted access to the API Security Results API. Please review API Conventions – Authentication and Authorization for more information on setting up the API Key.
Note that “API Security Results API” checkbox must be enabled in the API Key configuration in order to access the SAST Security Results API.
In order to authenticate your request, you must provide the API Key within the Authorization header, with a “type” of
APIKey. For example, if your API Key’s value is 1234567890abcdefgh=, then the Authorization header should look
like the following:
1 | Authorization: APIKey 1234567890abcdefgh= |
With curl, it may look like:
1 | $ curl -X GET -H "Authorization: APIKey 1234567890abcdefgh=" https://api.securetheorem.com/apis/sast_security/results/v1/policy_violations |
Data Theorem maintains a reference client implemented in Python, for Python 3.6 or newer. You can find out more at: https://bitbucket.org/datatheorem/dt-api-security-results