### Webhook Integration Configuration Example Source: https://docs.zeropath.com/webhook/introduction An example of creating a webhook integration for production security alerts. This includes defining the webhook URL and custom headers for authentication and environment identification. ```text Name: "Production Security Alerts" URL: `https://api.example.com/webhooks/zeropath` Custom Headers: `Authorization: Bearer prod-webhook-token-123` `X-Environment: production` ``` -------------------------------- ### OpenAPI Specification for Zeropath Installation Repositories API Source: https://docs.zeropath.com/api-reference/installations/get-installation-repositories The OpenAPI v3 specification for the POST /api/v1/installations/repositories endpoint. This defines the request and response structures, authentication, and available servers for managing installation repositories. ```yaml https://zeropath.com/openapi/v1.yaml paths: path: /api/v1/installations/repositories method: post servers: - url: https://zeropath.com description: Production server - url: https://dev.branch.zeropath.com description: Development server request: security: - title: apiTokenId & apiTokenSecret parameters: query: {} header: X-ZeroPath-API-Token-Id: type: apiKey X-ZeroPath-API-Token-Secret: type: apiKey cookie: {} parameters: path: {} query: {} header: {} cookie: {} body: application/json: schemaArray: - type: object properties: organizationId: allOf: - type: string appId: allOf: - type: string requiredProperties: [] examples: example: value: organizationId: appId: response: '200': application/json: schemaArray: - type: array items: allOf: - $ref: '#/components/schemas/InstallationRepository' examples: example: value: - id: repositoryUrl: repositoryName: defaultBranch: github: githubAppInstallationId: externalGithubRepositoryId: externalGithubAppInstallationId: gitlab: gitlabInstallationId: externalGitlabProjectId: bitbucket: bitbucketInstallationId: externalBitbucketRepositoryId: description: Successful response '400': application/json: schemaArray: - type: object properties: error: allOf: - type: string examples: example: value: error: description: Bad Request '401': application/json: schemaArray: - type: object properties: error: allOf: - type: string examples: example: value: error: description: Unauthorized deprecated: false type: path components: schemas: InstallationRepository: type: object properties: id: type: string repositoryUrl: type: string repositoryName: type: string defaultBranch: type: string github: type: object properties: githubAppInstallationId: type: string externalGithubRepositoryId: type: string externalGithubAppInstallationId: type: string required: - githubAppInstallationId - externalGithubRepositoryId - externalGithubAppInstallationId gitlab: type: object properties: gitlabInstallationId: type: string externalGitlabProjectId: type: string required: - gitlabInstallationId - externalGitlabProjectId bitbucket: type: object properties: bitbucketInstallationId: type: string externalBitbucketRepositoryId: type: string required: - bitbucketInstallationId - externalBitbucketRepositoryId required: - id - repositoryUrl - repositoryName ``` -------------------------------- ### Webhook Configuration for Critical Alerts Source: https://docs.zeropath.com/webhook/introduction Example configuration for a webhook setup focused on critical alerts, targeting production repositories and specific high-priority events. ```text Webhook: PagerDuty integration Repositories: Production repos only Events: `NEW_VULNERABILITIES_FULL_SCAN`, `PR_BLOCKED` Vulnerability Score Threshold: Critical ``` -------------------------------- ### Verify ZeroPath CLI Installation Source: https://docs.zeropath.com/cli/installation Commands to verify that the ZeroPath CLI has been installed correctly and is accessible. It checks the version and displays available help information. ```bash # Check if installed correctly zeropath --version # View available commands zeropath --help ``` -------------------------------- ### Perform First ZeroPath Scan Source: https://docs.zeropath.com/cli/installation Initiates a security scan using the ZeroPath CLI. This example shows scanning the current directory and saving the results in SARIF format, and also scanning a specific project path. ```bash # Scan current directory and save results zeropath scan . output.sarif # Scan a specific directory zeropath scan /path/to/your/project results.sarif ``` -------------------------------- ### Create GitHub App Installation Request (OpenAPI) Source: https://docs.zeropath.com/api-reference/installations/create-github-app-installation Defines the structure and parameters for creating a GitHub app installation via the Zeropath API. It includes required fields such as external GitHub App Installation ID, external GitHub App ID, and organization ID. Authentication is handled via API tokens. ```yaml paths: path: /api/v1/installations/create-github-installation method: post servers: - url: https://zeropath.com description: Production server - url: https://dev.branch.zeropath.com description: Development server request: security: - title: apiTokenId & apiTokenSecret parameters: query: {} header: X-ZeroPath-API-Token-Id: type: apiKey X-ZeroPath-API-Token-Secret: type: apiKey cookie: {} parameters: path: {} query: {} header: {} cookie: {} body: application/json: schemaArray: - type: object properties: externalGithubAppInstallationId: allOf: - type: string externalGithubAppId: allOf: - type: string organizationId: allOf: - type: string refIdentifier: '#/components/schemas/CreateGitHubAppInstallationInput' requiredProperties: - externalGithubAppInstallationId - externalGithubAppId - organizationId examples: example: value: externalGithubAppInstallationId: externalGithubAppId: organizationId: response: '200': application/json: schemaArray: - type: object properties: id: allOf: - type: string examples: example: value: id: description: Successful response '400': application/json: schemaArray: - type: object properties: error: allOf: - type: string examples: example: value: error: description: Bad Request '401': application/json: schemaArray: - type: object properties: error: allOf: - type: string examples: example: value: error: description: Unauthorized deprecated: false type: path components: schemas: {} ``` -------------------------------- ### POST /api/v1/installations/create-bitbucket-oauth-installation Source: https://docs.zeropath.com/api-reference/installations/create-bitbucket-oauth-installation-msp Creates a new Bitbucket OAuth installation by providing necessary credentials and identifiers. This endpoint is used to establish the connection between your project and Bitbucket. ```APIDOC ## POST /api/v1/installations/create-bitbucket-oauth-installation ### Description Creates a new Bitbucket OAuth installation by providing necessary credentials and identifiers. This endpoint is used to establish the connection between your project and Bitbucket. ### Method POST ### Endpoint https://zeropath.com/api/v1/installations/create-bitbucket-oauth-installation ### Parameters #### Header Parameters - **X-ZeroPath-API-Token-Id** (apiKey) - Required - Your ZeroPath API Token ID. - **X-ZeroPath-API-Token-Secret** (apiKey) - Required - Your ZeroPath API Token Secret. #### Request Body - **accessToken** (string) - Required - The OAuth access token for Bitbucket. - **refreshToken** (string) - Required - The OAuth refresh token for Bitbucket. - **workspace** (string) - Required - The Bitbucket workspace name. - **organizationId** (string) - Required - The ZeroPath organization ID. - **bitbucketAppId** (string) - Required - The Bitbucket application ID. ### Request Example ```json { "accessToken": "", "refreshToken": "", "workspace": "", "organizationId": "", "bitbucketAppId": "" } ``` ### Response #### Success Response (200) - **id** (string) - The unique identifier for the created installation. #### Response Example ```json { "id": "" } ``` #### Error Response (400) - **error** (string) - Description of the bad request. #### Error Response (401) - **error** (string) - Description of the unauthorized request. ``` -------------------------------- ### POST /api/v1/installations/repositories Source: https://docs.zeropath.com/api-reference/installations/get-installation-repositories Retrieves a list of installation repositories based on the provided organization and application IDs. Supports authentication via API tokens. ```APIDOC ## POST /api/v1/installations/repositories ### Description Retrieves a list of installation repositories for a given organization and application. ### Method POST ### Endpoint /api/v1/installations/repositories ### Parameters #### Query Parameters None #### Header Parameters - **X-ZeroPath-API-Token-Id** (apiKey) - Required - API Token ID for authentication. - **X-ZeroPath-API-Token-Secret** (apiKey) - Required - API Token Secret for authentication. #### Request Body - **organizationId** (string) - Required - The ID of the organization. - **appId** (string) - Required - The ID of the application. ### Request Example ```json { "organizationId": "", "appId": "" } ``` ### Response #### Success Response (200) - **id** (string) - Unique identifier for the repository. - **repositoryUrl** (string) - The URL of the repository. - **repositoryName** (string) - The name of the repository. - **defaultBranch** (string) - The default branch of the repository. - **github** (object) - GitHub specific details. - **githubAppInstallationId** (string) - The GitHub App installation ID. - **externalGithubRepositoryId** (string) - The external GitHub repository ID. - **externalGithubAppInstallationId** (string) - The external GitHub App installation ID. - **gitlab** (object) - GitLab specific details. - **gitlabInstallationId** (string) - The GitLab installation ID. - **externalGitlabProjectId** (string) - The external GitLab project ID. - **bitbucket** (object) - Bitbucket specific details. - **bitbucketInstallationId** (string) - The Bitbucket installation ID. - **externalBitbucketRepositoryId** (string) - The external Bitbucket repository ID. #### Response Example ```json [ { "id": "", "repositoryUrl": "", "repositoryName": "", "defaultBranch": "", "github": { "githubAppInstallationId": "", "externalGithubRepositoryId": "", "externalGithubAppInstallationId": "" }, "gitlab": { "gitlabInstallationId": "", "externalGitlabProjectId": "" }, "bitbucket": { "bitbucketInstallationId": "", "externalBitbucketRepositoryId": "" } } ] ``` #### Error Response (400) - **error** (string) - Description of the bad request. #### Error Response (401) - **error** (string) - Description of the unauthorized access. ``` -------------------------------- ### Webhook Configuration for Team Updates Source: https://docs.zeropath.com/webhook/introduction Example configuration for a webhook setup delivering daily team notifications across all repositories with a medium vulnerability score threshold. ```text Webhook: Slack channel Repositories: All repositories Events: `SCAN_COMPLETE`, `REPORT_COMPLETE` Vulnerability Score Threshold: Medium ``` -------------------------------- ### Webhook Configuration for PR Workflow Source: https://docs.zeropath.com/webhook/introduction Example configuration for a webhook setup focused on the PR workflow, targeting active development repositories and specific PR-related events with a high vulnerability score threshold. ```text Webhook: GitHub Actions Repositories: Active development repos Events: `PR_SCAN_COMPLETE`, `NEW_VULNERABILITIES_PR` Vulnerability Score Threshold: High ``` -------------------------------- ### Webhook Configuration for Audit Trail Source: https://docs.zeropath.com/webhook/introduction Example configuration for a webhook setup designed for compliance logging, capturing all event types across all repositories with an 'Info' vulnerability score threshold. ```text Webhook: SIEM system Repositories: All repositories Events: All event types Vulnerability Score Threshold: Info ``` -------------------------------- ### Install ZeroPath CLI on Linux (x64) Source: https://docs.zeropath.com/cli/installation Installs the ZeroPath CLI for 64-bit Linux systems. This involves downloading the Linux binary, granting execute permissions, and moving it to `/usr/local/bin/`. Uses `wget` and `chmod`. ```bash wget https://github.com/ZeroPathAI/zeropath-cli/releases/latest/download/zeropath-linux -O zeropath chmod +x zeropath sudo mv zeropath /usr/local/bin/ ``` -------------------------------- ### Create GitLab Installation OpenAPI Specification Source: https://docs.zeropath.com/api-reference/installations/create-gitlab-installation This is the OpenAPI specification for the create GitLab installation endpoint. It defines the request method (POST), URL, authentication parameters (API token), and the expected request and response body schemas for JSON payloads. It also specifies possible error responses for bad requests or unauthorized access. ```yaml paths: path: /api/v1/installations/create-gitlab-installation method: post servers: - url: https://zeropath.com description: Production server - url: https://dev.branch.zeropath.com description: Development server request: security: - title: apiTokenId & apiTokenSecret parameters: query: {} header: X-ZeroPath-API-Token-Id: type: apiKey X-ZeroPath-API-Token-Secret: type: apiKey cookie: {} parameters: path: {} query: {} header: {} cookie: {} body: application/json: schemaArray: - type: object properties: token: allOf: - type: string url: allOf: - type: string organizationId: allOf: - type: string groupName: allOf: - type: string projectName: allOf: - type: string refIdentifier: '#/components/schemas/AddGitLabInstallationInput' requiredProperties: - token - url examples: example: value: token: url: organizationId: groupName: projectName: response: '200': application/json: schemaArray: - type: object properties: id: allOf: - type: string examples: example: value: id: description: Successful response '400': application/json: schemaArray: - type: object properties: error: allOf: - type: string examples: example: value: error: description: Bad Request '401': application/json: schemaArray: - type: object properties: error: allOf: - type: string examples: example: value: error: description: Unauthorized deprecated: false type: path components: schemas: {} ``` -------------------------------- ### POST /api/v1/installations/create-github-installation Source: https://docs.zeropath.com/api-reference/installations/create-github-app-installation Creates a new GitHub app installation associated with your organization. This endpoint requires authentication using API tokens. ```APIDOC ## POST /api/v1/installations/create-github-installation ### Description Creates a new GitHub app installation by providing the external GitHub installation ID, external GitHub App ID, and your organization ID. Authentication is required. ### Method POST ### Endpoint https://zeropath.com/api/v1/installations/create-github-installation ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body - **externalGithubAppInstallationId** (string) - Required - The unique identifier for the GitHub app installation. - **externalGithubAppId** (string) - Required - The unique identifier for the GitHub App. - **organizationId** (string) - Required - The ID of your organization within Zeropath. ### Request Example ```json { "externalGithubAppInstallationId": "", "externalGithubAppId": "", "organizationId": "" } ``` ### Response #### Success Response (200) - **id** (string) - The unique identifier of the created installation. #### Response Example ```json { "id": "" } ``` #### Error Response (400) - **error** (string) - Description of the bad request. #### Error Response (401) - **error** (string) - Description of the unauthorized access. ### Authentication Requires `X-ZeroPath-API-Token-Id` and `X-ZeroPath-API-Token-Secret` headers. ``` -------------------------------- ### POST /api/v1/installations/create-gitlab-installation Source: https://docs.zeropath.com/api-reference/installations/create-gitlab-installation Creates a new GitLab installation within your Zeropath account. This endpoint requires authentication and specific details about the GitLab instance and organization. ```APIDOC ## POST /api/v1/installations/create-gitlab-installation ### Description Creates a new GitLab installation. Requires authentication with API tokens and provides details for the GitLab instance, organization, and project. ### Method POST ### Endpoint https://zeropath.com/api/v1/installations/create-gitlab-installation ### Parameters #### Path Parameters None #### Query Parameters None #### Request Body - **token** (string) - Required - Authentication token for GitLab. - **url** (string) - Required - The URL of the GitLab instance. - **organizationId** (string) - Required - The ID of the Zeropath organization. - **groupName** (string) - Required - The name of the GitLab group. - **projectName** (string) - Required - The name of the GitLab project. ### Request Example ```json { "token": "", "url": "", "organizationId": "", "groupName": "", "projectName": "" } ``` ### Response #### Success Response (200) - **id** (string) - The unique identifier for the created GitLab installation. #### Response Example ```json { "id": "" } ``` #### Error Response (400) - **error** (string) - Description of the bad request. #### Error Response (401) - **error** (string) - Description of the unauthorized request. ``` -------------------------------- ### Notification Settings Configuration Example Source: https://docs.zeropath.com/webhook/introduction An example of configuring notification settings for a webhook. This specifies the notification channel, the associated webhook integration, target repositories, events to monitor, and the vulnerability score threshold. ```text Notification Channel: "Webhook" Webhook: "Production Security Alerts" Repositories: "backend-api", "frontend-app" Events: `NEW_VULNERABILITIES_FULL_SCAN`, `NEW_VULNERABILITIES_PR`, `PR_BLOCKED` Vulnerability Score Threshold: High ``` -------------------------------- ### OpenAPI Specification for Bitbucket OAuth Installation Source: https://docs.zeropath.com/api-reference/installations/create-bitbucket-oauth-installation-msp This OpenAPI specification defines the POST endpoint for creating a Bitbucket OAuth installation. It details the required request parameters, including authentication tokens and installation details such as access tokens, refresh tokens, workspace, organization ID, and Bitbucket app ID. It also outlines the possible responses, including success (200) and error codes (400, 401). ```yaml https://zeropath.com/openapi/v1.yaml post /api/v1/installations/create-bitbucket-oauth-installation paths: path: /api/v1/installations/create-bitbucket-oauth-installation method: post servers: - url: https://zeropath.com description: Production server - url: https://dev.branch.zeropath.com description: Development server request: security: - title: apiTokenId & apiTokenSecret parameters: query: {} header: X-ZeroPath-API-Token-Id: type: apiKey X-ZeroPath-API-Token-Secret: type: apiKey cookie: {} parameters: path: {} query: {} header: {} cookie: {} body: application/json: schemaArray: - type: object properties: accessToken: allOf: - type: string refreshToken: allOf: - type: string workspace: allOf: - type: string organizationId: allOf: - type: string bitbucketAppId: allOf: - type: string refIdentifier: '#/components/schemas/CreateBitbucketOAuthInstallationInput' requiredProperties: - accessToken - workspace - organizationId - bitbucketAppId examples: example: value: accessToken: refreshToken: workspace: organizationId: bitbucketAppId: response: '200': application/json: schemaArray: - type: object properties: id: allOf: - type: string examples: example: value: id: description: Successful response '400': application/json: schemaArray: - type: object properties: error: allOf: - type: string examples: example: value: error: description: Bad Request '401': application/json: schemaArray: - type: object properties: error: allOf: - type: string examples: example: value: error: description: Unauthorized deprecated: false type: path components: schemas: {} ``` -------------------------------- ### Install ZeroPath CLI on macOS (Intel) Source: https://docs.zeropath.com/cli/installation Installs the ZeroPath CLI for macOS with Intel processors. It downloads the binary, makes it executable, and moves it to a system-wide location. Dependencies include `wget` and `chmod`. ```bash wget https://github.com/ZeroPathAI/zeropath-cli/releases/latest/download/zeropath-macos -O zeropath chmod +x zeropath sudo mv zeropath /usr/local/bin/ ``` -------------------------------- ### Common ZeroPath CLI Scan Patterns Source: https://docs.zeropath.com/cli/installation Demonstrates common usage patterns for the ZeroPath CLI, including quick scans of local projects, CI/CD integration with failure conditions, and scanning repositories by ID or URL. ```bash # Quick scan of current project zeropath scan . # Scan specific directory zeropath scan ./src output.sarif # Scan with failure on findings zeropath scan --fail-on-findings # Repository scanning by ID zeropath scan --repository-id # Repository scanning by URL zeropath scan --repository-url https://github.com/owner/repo --vcs github ``` -------------------------------- ### Install ZeroPath CLI on Windows (x64) Source: https://docs.zeropath.com/cli/installation Installs the ZeroPath CLI on 64-bit Windows systems. It downloads the Windows executable and moves it to the system's System32 directory for global access. Uses `Invoke-WebRequest` and `move`. ```powershell Invoke-WebRequest -Uri https://github.com/ZeroPathAI/zeropath-cli/releases/latest/download/zeropath-windows.exe -OutFile zeropath.exe move zeropath.exe "C:\Windows\System32\" ``` -------------------------------- ### Install ZeroPath CLI on macOS (ARM) Source: https://docs.zeropath.com/cli/installation Installs the ZeroPath CLI for macOS with ARM processors (M1/M2). It downloads the ARM-specific binary, makes it executable, and places it in the system's PATH. Requires `wget` and `chmod`. ```bash wget https://github.com/ZeroPathAI/zeropath-cli/releases/latest/download/zeropath-macos-arm64 -O zeropath chmod +x zeropath sudo mv zeropath /usr/local/bin/ ``` -------------------------------- ### Authenticate ZeroPath CLI Source: https://docs.zeropath.com/cli/installation Authenticates the ZeroPath CLI with your account using provided Client ID and Client Secret. This step is necessary before performing scans. ```bash # Authenticate with your Client ID and Client Secret zeropath auth ``` -------------------------------- ### Example Security Posture Response Structure Source: https://docs.zeropath.com/api-reference/stats/get-security-posture This example demonstrates the expected JSON structure for a successful security posture response. It includes aggregated metrics like overall risk score, issue counts, remediation times, and detailed lists of top risk factors and repository risk scores. ```json { "summary": { "overAllRiskScore": 123, "riskTrend": "", "totalOpenIssues": 123, "criticalIssues": 123, "highIssues": 123, "mediumIssues": 123, "lowIssues": 123, "vulnerabilityDensity": 123, "repositoriesAtRisk": 123, "totalRepositories": 123, "meanRemediationTime": 123 }, "exposure": { "meanCriticalExposure": 123, "meanHighExposure": 123, "oldestCriticalAge": 123, "oldestHighAge": 123 }, "trends": [ { "date": "2023-12-25", "openIssues": 123, "newIssues": 123, "resolvedIssues": 123, "riskScore": 123, "criticalIssues": 123, "meanRemediationTime": 123, "exposure": { "meanCriticalExposure": 123, "meanHighExposure": 123, "oldestCriticalAge": 123, "oldestHighAge": 123 } } ], "topRiskFactors": [ { "type": "", "count": 123 } ], "repositoryRiskScores": [ { "id": "", "name": "", "riskScore": 123, "openIssues": 123, "criticalIssues": 123 } ] } ``` -------------------------------- ### Create Bitbucket Token Installation OpenAPI Spec Source: https://docs.zeropath.com/api-reference/installations/create-bitbucket-workspace-access-token-installation This OpenAPI specification describes the POST /api/v1/installations/create-bitbucket-token-installation endpoint. It details the request body, including required fields like accessToken, workspace, and organizationId, and outlines the possible responses (200, 400, 401). ```yaml paths: path: /api/v1/installations/create-bitbucket-token-installation method: post servers: - url: https://zeropath.com description: Production server - url: https://dev.branch.zeropath.com description: Development server request: security: - title: apiTokenId & apiTokenSecret parameters: query: {} header: X-ZeroPath-API-Token-Id: type: apiKey X-ZeroPath-API-Token-Secret: type: apiKey cookie: {} parameters: path: {} query: {} header: {} cookie: {} body: application/json: schemaArray: - type: object properties: accessToken: allOf: - type: string workspace: allOf: - type: string organizationId: allOf: - type: string refIdentifier: '#/components/schemas/CreateBitbucketTokenInstallationInput' requiredProperties: - accessToken - workspace - organizationId examples: example: value: accessToken: workspace: organizationId: response: '200': application/json: schemaArray: - type: object properties: ok: allOf: - type: boolean examples: example: value: ok: true description: Successful response '400': application/json: schemaArray: - type: object properties: error: allOf: - type: string examples: example: value: error: description: Bad Request '401': application/json: schemaArray: - type: object properties: error: allOf: - type: string examples: example: value: error: description: Unauthorized deprecated: false type: path components: schemas: {} ``` -------------------------------- ### List Organizations using cURL Source: https://docs.zeropath.com/api-reference/introduction This example demonstrates how to list organizations using a cURL command. It includes the necessary authentication headers and specifies the Content-Type. ```bash curl -X GET https://zeropath.com/organizations \ -H "X-ZeroPath-API-Token-Id: YOUR_TOKEN_ID" \ -H "X-ZeroPath-API-Token-Secret: YOUR_TOKEN_SECRET" \ -H "Content-Type: application/json" ``` -------------------------------- ### POST /api/v1/installations/create-bitbucket-token-installation Source: https://docs.zeropath.com/api-reference/installations/create-bitbucket-workspace-access-token-installation Creates a Bitbucket workspace access token installation. This endpoint allows you to securely connect your Bitbucket workspace to Zeropath by providing an access token, workspace name, and organization ID. ```APIDOC ## POST /api/v1/installations/create-bitbucket-token-installation ### Description Creates a Bitbucket workspace access token installation. This endpoint allows you to securely connect your Bitbucket workspace to Zeropath by providing an access token, workspace name, and organization ID. ### Method POST ### Endpoint /api/v1/installations/create-bitbucket-token-installation ### Parameters #### Header Parameters - **X-ZeroPath-API-Token-Id** (apiKey) - Required - The ID for the ZeroPath API token. - **X-ZeroPath-API-Token-Secret** (apiKey) - Required - The secret for the ZeroPath API token. #### Request Body - **accessToken** (string) - Required - The Bitbucket access token. - **workspace** (string) - Required - The name of the Bitbucket workspace. - **organizationId** (string) - Required - The ID of the organization. ### Request Example ```json { "accessToken": "", "workspace": "", "organizationId": "" } ``` ### Response #### Success Response (200) - **ok** (boolean) - Indicates if the operation was successful. #### Response Example ```json { "ok": true } ``` #### Error Response (400) - **error** (string) - Description of the bad request error. #### Error Response (401) - **error** (string) - Description of the unauthorized error. ``` -------------------------------- ### Node.js Webhook Authentication with Custom Headers Source: https://docs.zeropath.com/webhook/introduction Examples of authenticating incoming webhook requests in Node.js using custom headers. Demonstrates patterns for Bearer Tokens, API Keys, and Custom Secret Headers. Ensure sensitive keys are stored securely (e.g., environment variables). ```javascript app.post('/webhooks/zeropath', (req, res) => { const authHeader = req.headers['authorization']; if (authHeader !== 'Bearer your-secret-token') { return res.status(401).send('Unauthorized'); } // Process webhook... }); ``` ```javascript app.post('/webhooks/zeropath', (req, res) => { const apiKey = req.headers['x-api-key']; if (apiKey !== process.env.WEBHOOK_API_KEY) { return res.status(401).send('Invalid API key'); } // Process webhook... }); ``` ```javascript app.post('/webhooks/zeropath', (req, res) => { const secret = req.headers['x-webhook-secret']; if (secret !== process.env.ZEROPATH_WEBHOOK_SECRET) { return res.status(401).send('Invalid webhook secret'); } // Process webhook... }); ``` -------------------------------- ### Common Webhook Fields Source: https://docs.zeropath.com/webhook/introduction This section outlines the common fields present in all ZeroPath webhook events, providing details on their type, requirement, and purpose. ```APIDOC ## Common Fields This section outlines the common fields present in all ZeroPath webhook events. ### Fields - **event** (string) - Required - The type of event that triggered the webhook (e.g., `SCAN_COMPLETE`, `NEW_VULNERABILITIES_FULL_SCAN`). - **timestamp** (string) - Required - ISO 8601 timestamp of when the event occurred. - **organization** (object) - Required - Organization information. - **organization.id** (string) - Required - Unique identifier for the organization. - **organization.name** (string) - Optional - Name of the organization. - **repository** (object) - Optional - Repository information (present in repository-specific events). - **repository.id** (string) - Optional - Unique identifier for the repository. - **repository.name** (string) - Optional - Name of the repository. - **scan** (object) - Optional - Scan information (present in scan-related events). - **scan.id** (string) - Optional - Unique identifier for the scan. - **scan.type** (string) - Optional - Type of scan (e.g., `FullScan`, `PrScan`). - **scan.status** (string) - Optional - Status of the scan. - **scan.duration_minutes** (number) - Optional - How long the scan took to complete. - **scan.vulnerability_summary** (object) - Optional - Summary of vulnerabilities found. - **scan.vulnerability_summary.total** (number) - Optional - Total number of vulnerabilities. - **scan.vulnerability_summary.by_severity** (object) - Optional - Breakdown by severity category. - **scan.url** (string) - Optional - URL to view scan results in ZeroPath dashboard. - **error** (string) - Optional - Error message (present in failure events). - **metadata** (object) - Optional - Additional event-specific data. - **audit_log** (object) - Optional - Audit log details (present in `AUDIT_LOG_EVENT`). - **audit_log.id** (string) - Optional - Unique identifier for the audit log entry. - **audit_log.endpoint** (string) - Optional - API endpoint that was called. - **audit_log.arguments** (any) - Optional - Arguments passed to the API endpoint. - **audit_log.caller** (object) - Optional - Information about who triggered the action. - **audit_log.timestamp** (string) - Optional - When the audit event occurred. - **vulnerability** (object) - Optional - Detailed vulnerability information (present in vulnerability events). ``` -------------------------------- ### Add a Repository using cURL Source: https://docs.zeropath.com/api-reference/introduction This example illustrates how to add a repository for scanning. It specifies the organization ID, repository type (e.g., GitHub), and the repository URL in the JSON payload, along with authentication headers. ```bash curl -X POST https://zeropath.com/repositories \ -H "X-ZeroPath-API-Token-Id: YOUR_TOKEN_ID" \ -H "X-ZeroPath-API-Token-Secret: YOUR_TOKEN_SECRET" \ -H "Content-Type: application/json" \ -d '{ "organization_id": "org_123", "repository_type": "github", "repository_url": "https://github.com/owner/repo" }' ``` -------------------------------- ### Vulnerability Score Thresholds Table Source: https://docs.zeropath.com/webhook/introduction A table outlining the different vulnerability score threshold levels in ZeroPath, their corresponding score ranges, descriptions, and typical use cases. ```markdown | Threshold Level | Score Range | Description | | --------------- | ----------- | ----------------------------------------- | | Critical | 90-100 | Immediate action required | | High | 70-89 | Serious issues requiring prompt attention | | Medium | 40-69 | Moderate risk vulnerabilities | | Low | 10-39 | Minor issues with limited impact | | Info | 0-9 | Informational findings | ``` -------------------------------- ### Start a New Scan using OpenAPI Source: https://docs.zeropath.com/api-reference/scans/start-a-new-scan This OpenAPI definition describes the `/api/v1/scans/start` endpoint for initiating a new scan. It specifies the request method (POST), authentication requirements (API token), and the expected request body parameters such as organization ID, repository details, and scan type. The response includes a list of scan IDs upon success or an error message for invalid requests. ```yaml paths: path: /api/v1/scans/start method: post servers: - url: https://zeropath.com description: Production server - url: https://dev.branch.zeropath.com description: Development server request: security: - title: apiTokenId & apiTokenSecret parameters: query: {} header: X-ZeroPath-API-Token-Id: type: apiKey X-ZeroPath-API-Token-Secret: type: apiKey cookie: {} parameters: path: {} query: {} header: {} cookie: {} body: application/json: schemaArray: - type: object properties: organizationId: allOf: - type: string repositoryIds: allOf: - type: array items: type: string repositories: allOf: - type: array items: type: object properties: id: type: string branch: type: string required: - id scanType: allOf: - type: string enum: - FullScan - PrScan description: Optional. When omitted defaults to FullScan. scanTargetBranch: allOf: - type: string description: Branch to scan (source branch for PRs) prTargetBranch: allOf: - type: string description: Target branch for PR merge (base branch) refIdentifier: '#/components/schemas/StartScanInput' examples: example: value: organizationId: repositoryIds: - repositories: - id: branch: scanType: FullScan scanTargetBranch: prTargetBranch: response: '200': application/json: schemaArray: - type: array items: allOf: - type: string refIdentifier: '#/components/schemas/StartScanResponse' examples: example: value: - description: Scan started successfully '400': application/json: schemaArray: - type: object properties: error: allOf: - type: string examples: example: value: error: description: Bad Request '401': application/json: schemaArray: - type: object properties: error: allOf: - type: string examples: example: value: error: description: Unauthorized deprecated: false type: path components: {} ``` -------------------------------- ### GET /websites/zeropath Source: https://docs.zeropath.com/api-reference/issues/search-issues Retrieves a list of issues for a given project. Supports filtering and pagination. ```APIDOC ## GET /websites/zeropath ### Description Retrieves a paginated list of issues associated with the "zeropath" project. The response includes issue details, counts by category, and pagination information. ### Method GET ### Endpoint /websites/zeropath ### Parameters #### Query Parameters - **page** (integer) - Optional - The page number to retrieve. - **pageSize** (integer) - Optional - The number of items per page. ### Request Example ```json { "example": "GET /websites/zeropath?page=1&pageSize=20" } ``` ### Response #### Success Response (200) - **issues** (array) - A list of Issue objects. - **totalCount** (integer) - The total number of issues. - **totalCountAllCategories** (integer) - The total number of issues across all categories. - **categoryCounts** (object) - Counts of issues by category (open, patched, falsePositive, etc.). - **currentPage** (integer) - The current page number. - **pageSize** (integer) - The number of items per page. #### Response Example ```json { "example": { "issues": [ { "id": "", "repositoryId": "", "repositoryName": "", "status": "open", "generatedTitle": "", "generatedDescription": "", "businessLogicScenario": "", "language": "", "vulnClass": "", "cwes": [ "" ], "vulnCategory": "SAST", "severity": 123, "confidence": 123, "score": 123, "affectedFile": "", "sastCodeSegment": "", "startLine": 123, "endLine": 123, "startColumn": 123, "endColumn": 123, "isPrBlocked": true, "triagePhase": "VulnerabilityValidation", "validated": "CONFIRMED", "validationSecurityAssessment": "", "unpatchable": true, "unpatchableReason": "", "archivedAt": "2023-11-07T05:31:56Z", "noLongerDetectedAt": "2023-11-07T05:31:56Z", "noLongerDetectedReason": "", "createdAt": "2023-11-07T05:31:56Z", "updatedAt": "2023-11-07T05:31:56Z", "naturalLanguageRuleEvaluationId": "", "naturalLanguageRuleViolationId": "", "naturalLanguageRuleViolation": { "id": "", "ruleId": "", "title": "", "description": "", "confidence": 123, "rule": { "id": "", "name": "" } }, "codeScan": { "id": "", "scanTargetBranchCommitSha": "" }, "stateChangeAuthor": "", "falsePositiveReason": "", "patch": { "id": "", "prLink": "", "prTitle": "", "prDescription": "", "gitDiff": "", "pullRequestStatus": "", "validated": "", "createdAt": "2023-11-07T05:31:56Z", "updatedAt": "2023-11-07T05:31:56Z" } } ], "totalCount": 123, "totalCountAllCategories": 123, "categoryCounts": { "open": 123, "patched": 123, "falsePositive": 123, "archived": 123, "processing": 123, "silenced": 123, "closed": 123 }, "currentPage": 1, "pageSize": 123 } } ``` #### Error Response (400) - **error** (string) - A message describing the bad request. #### Error Response (401) - **error** (string) - A message indicating unauthorized access. ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.