### Upload Evidence Response Example Source: https://docs.sprinto.com/api-references/sprinto-cookbooks/add-evidence-for-workflow-check Example response after successfully uploading evidence for a workflow check, indicating the new evidence status. ```python { "data": { "uploadWorkflowCheckEvidence": { "message": "Evidence uploaded for this check", "workflowCheck": { "evidenceStatus": "UPLOAD_COMPLETE" } } } } ``` -------------------------------- ### Workflow Checks Response Example Source: https://docs.sprinto.com/api-references/sprinto-cookbooks/add-evidence-for-workflow-check Example JSON response for the `WorkflowChecksPaginated` query, showing the structure of returned workflow checks with their primary keys (pk) and titles. ```json { "data": { "workflowChecksPaginated": { "totalCount": 107, "edges": [ { "node": { "pk": "dasdfadfsdsfsdfvcssdfvsC", // This is a dummy value "title": "Performance Evaluations" }, "cursor": "E48QH8ESAIJFNOAINCOMDFSD" // This is a dummy value }, { "node": { "pk": "dsfSCsdfcsaXcsdfcsdcc", // This is a dummy value "title": "Periodic review of the users having access to trello" }, "cursor": "dfsfdsf90w3rejdiwefioaDFC" // This is a dummy value } ] } } } ``` -------------------------------- ### Make a GraphQL API Request Source: https://docs.sprinto.com/api-references/getting-started/quick-start Examples for executing a GraphQL query against the Sprinto API using different clients. Ensure the API key is stored securely and not hardcoded. ```bash curl 'https://app.sprinto.com/dev-api/graphql' \ -H 'api-key: ' \ -H 'content-type: application/json' \ --data-raw '{ "query": "query ExampleQuery { hello }", "variables": {}, "operationName": "ExampleQuery" }' ``` ```python pip install requests import requests url = "https://app.sprinto.com/dev-api/graphql" api_key = "" headers = { "api-key": api_key, "content-type": "application/json" } data = { "query": "query ExampleQuery { hello }", "variables": {}, "operationName": "ExampleQuery" } response = requests.post(url, json=data, headers=headers) if response.status_code == 200: print("Response:") print(response.json()) else: print(f"Request failed with status code {response.status_code}") print(response.text) ``` ```javascript npm install axios const axios = require('axios'); const url = 'https://app.sprinto.com/dev-api/graphql'; const apiKey = ''; const headers = { 'api-key': apiKey, 'content-type': 'application/json', }; const data = { query: 'query ExampleQuery { hello }', variables: {}, operationName: 'ExampleQuery', }; axios.post(url, data, { headers }) .then(response => { console.log('Response:', response.data); }) .catch(error => { console.error( 'Request failed with status code', error.response?.status ); console.error(error.response?.data); }); ``` -------------------------------- ### Upload Evidence using Ruby (Requests) Source: https://docs.sprinto.com/api-references/upload-evidence-api Example of uploading evidence files using Ruby's `requests` library. Note that the code is presented in Python syntax within the Ruby tab. ```python import requests url = 'https://app.sprinto.com/api/v1/uploadEvidence' headers = { 'api-token': 'your-api-token' } files = { 'files': ('file.pdf', open('/path/to/file.pdf', 'rb'), 'application/pdf') } data = { 'monitor_pk': 'your-monitor-pk' } response = requests.post(url, headers=headers, files=files, data=data) print(response.json()) ``` -------------------------------- ### GET /api/issues/search Source: https://docs.sprinto.com/integrations/overview/sonarcloud-integration Fetches vulnerability data (issues of type VULNERABILITY) from SonarCloud projects. ```APIDOC ## GET /api/issues/search ### Description Fetches vulnerabilities (issues of type VULNERABILITY) to monitor security issues and track remediation. ### Method GET ### Endpoint /api/issues/search ### Parameters #### Required Permissions - **Browse** (Project-level) ``` -------------------------------- ### GET /api/project_branches/list Source: https://docs.sprinto.com/integrations/overview/sonarcloud-integration Retrieves a list of branches for a specific project to evaluate relevant code states. ```APIDOC ## GET /api/project_branches/list ### Description Retrieves project branches to ensure vulnerability data is mapped to the correct code states. ### Method GET ### Endpoint /api/project_branches/list ### Parameters #### Required Permissions - **Browse Project** (Project-level) ```