Tenchi logo
API docs by Redocly

Zanshin API (1.0.5)

Download OpenAPI specification:

Tenchi Security: contact@tenchisecurity.com License: Apache 2.0 Terms of Service

This is the documentation for the Zanshin Product API. Zanshin is a vulnerability management platform that manages cloud risks on service providers for your company. Learn more at https://www.tenchisecurity.com/.

Note: This documentation file covers the current endpoint only.

Find out more about Zanshin or Tenchi

System overview

Zanshin is a platform where organizations are registered and then can register their cloud environments into the system for regular security checks. Organizations can register scan Targets, as the name implies, those are the target cloud accounts that will be scanned and monitored for potential security breachs.

Once one or more scan targets are registered the system will periodically run scans, those scans will generate security alerts that can be viewed and will provide details about the detected breach, why it is a breach, which renowed guidelines does it violate, the best practice for a fix, the affected resources and other usefull data. The scan history will also be preserved so the organization can keep track of the over time improvements.

Beyond scanning their own cloud infrastructures Zanshin provides organizations with the ability to follow and be followed by other organizations, in a social-network-like environment. When a organization follows another it can see the alerts and potential secutrity issues of the followed organization. This creates a situation where an organization that has several service provider can follow all of them and be assured that they are all following the best cyber security practices. The organizations that are being followed can allow clients and potential hirers to follow them and show off their awesome security skills to their employers.

Main concepts

  • User: an user account inside the system. One login. A user must be a member of one or more organizations. Users cannot follow or be followed, they inherit the follows as followings permissions of their organizations.

  • Member a user inside of an organization is a member of that organization. They can be admins with the powers to create and configure scan targets, accept risks, etc. or regular members with read-only permissions.

  • Organization the enitity representing a company, businness, or sector of a company it has members, it has scan targets and it can follow and be followed by other organizations. Some companies make different organizations for each of their internal divisions and follow each other.

  • Followers the organizations that follow your organization. Akin to social networks followers can see the situation of your scan targets and track your alerts. Some sensitive data relating to the alerts may be censored to the followers.

  • Following the organizations that your organization is currently following. You will be able to see their satus on each of the scan targets and keep track of any security issues they have.

  • Scan target a single cloud account (be it GCP, AWS, Azure, etc) it is a target of the scans. Where the security checks will happen. One organization may have as many scan targets as they wish.

  • Scan the results of a security check of a given scan target, it will happen periodically and automatically but can also be triggered manually.

  • Alert a scan will generate several alerts for each scan target (or none if your security is pristine). Alerts are just that, alerts of potential security failures or guidelines not being followed. Alerts have all the info you need on the problem severity and how to handle it. They can be viewed by the followers. ALerts cannot be manually closed, they are only considered closed when the next scan detects that the problem has been solved.

Programmatically Accessing endpoints

To use the documented endpoints of this documentation login into zanshin and Generate API Keys from the menu. Use the newly generate key as the {AUTH_TOKEN} mentioned through the docs.

Documentation

Gets the html documentation

Gets the documentation

An endpoint to access this documentation.

Authorizations:
zanshin_auth

Responses

Request samples 

curl -X GET "https://api.zanshin.tenchisecurity.com" -H  "accept: text/html"

Account

Current logged user

Get current user data.

List all data related to the current logger user.

Authorizations:
zanshin_auth

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/me' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "name": "Miyamoto Musashi",
  • "email": "niten_doraku@edo.com",
  • "roles": [ ],
  • "status": "ACTIVE",
  • "member": [
    ],
  • "following": [
    ],
  • "picture": "https://s.gravatar.com/avatar/a",
  • "language": "pr-BR",
  • "identityProvider": "google-oauth2",
  • "emailVerified": true,
  • "lastIp": "192.168.0.1",
  • "loginsCount": 42,
  • "lastLogin": "2025-04-18T18:14:32.123Z",
  • "createdAt": "2023-01-13T12:34:56.123Z",
  • "updatedAt": "2025-02-21T15:44:12.123Z"
}

Update Account Information

Update account information for current user.

Authorizations:
zanshin_auth
Request Body schema: application/json
required
name
string
picture
string

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "picture": "string"
}

Response samples

Content type
application/json
{
  • "id": "string",
  • "name": "string",
  • "email": "string",
  • "roles": [
    ],
  • "picture": "string",
  • "language": "string"
}

List user active api keys

Lists all active API Keys for an user, API Keys can be used to interact directly with the zanshin API on the behalf of that user.

Authorizations:
zanshin_auth

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/me/apikeys' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \

Response samples

Content type
application/json
[
  • {
    }
]

Create API Key

Creates a new API key for the current logged user.

Authorizations:
zanshin_auth
Request Body schema: text/plain
required
string

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/me/apikeys' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-d '{
    "name": "Jomae-ya"
}'

Response samples

Content type
application/json
{
  • "id": "12349876-bbbb-aaaa-8888-222220000fff",
  • "name": "Jomae-ya",
  • "key": "***123-Aa",
  • "userId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "lastIp": "192.168.0.1",
  • "lastUse": "2025-04-07T19:03:28.014Z",
  • "createdAt": "2025-03-22T09:54:56.123Z"
}

Delete API Key by ID

Deletes a given api key by its ID, only work if the key belongs to the current logged user

Authorizations:
zanshin_auth
path Parameters
apiKeyId
required
string <uuid> (common.Id)

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/me/apikeys/{apiKeyId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \

Response samples

Content type
application/json
{
  • "statusCode": 400,
  • "error": "BadRequest",
  • "message": "BadRequest"
}

Get Freshdesk JWT token

Get Freshdesk JWT token for current logged user.

Authorizations:
zanshin_auth

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/me/freshdesk' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \

Response samples

Content type
application/json
{
  • "token": "string"
}

Get current user invites

Get all pending invites for the current user.

Authorizations:
zanshin_auth

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/me/invites' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \

Response samples

Content type
application/json
[
  • {
    }
]

Get invite details by token

Get details for a specific invite

Authorizations:
zanshin_auth
path Parameters
token
required
string

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/me/invites/{token}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \

Response samples

Content type
application/json
{
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "organizationName": "string",
  • "email": "string",
  • "roles": [
    ],
  • "expiredAt": "2019-08-24T14:15:22Z",
  • "createdAt": "2019-08-24T14:15:22Z"
}

Accepts an invite

Accepts an invitation and returns the created membership for that invitation

Authorizations:
zanshin_auth
path Parameters
token
required
string

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/me/invites/{token}/accept' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \

Response samples

Content type
application/json
{
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "userId": "2c4a230c-5085-4924-a3e1-25fb4fc5965b",
  • "name": "string",
  • "email": "string",
  • "roles": [
    ],
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "identityProvider": "string",
  • "lastIp": "string",
  • "lastLogin": "string",
  • "loginsCount": 0,
  • "picture": "string"
}

Organizations

Info about all organizations

List all user organizations

Lists all organizations that the current logged user belongs to.

Authorizations:
zanshin_auth

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
[
  • {
    }
]

Create organization

Creates a new organization to be owned by the current logged user.

Authorizations:
zanshin_auth
Request Body schema: application/json

Organization Name

name
string (name)

The organization name

email
string (email)

The organization e-mail

pictureId
string <uuid> (pictureId)

Organization profile picture attachment id

Responses

Request samples

Content type
application/json
{
  • "name": "Niten Ichi-ryu",
  • "email": "example@org.com",
  • "pictureId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2"
}

Response samples

Content type
application/json
{
  • "statusCode": 400,
  • "error": "BadRequest",
  • "message": "string"
}

Details an organization by ID

Gets an organization details given its ID.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-0000-4000-a000-000000000002' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "name": "Niten Ichi-ryu",
  • "email": "example@org.com",
  • "picture": "https://zanshin.tenchisecurity.com/assets/images/logo/tenchi_vertical.png",
  • "roles": [ ],
  • "score": "79",
  • "overallScore": "81",
  • "publicScore": "92",
  • "status": "ACTIVE",
  • "tags": [
    ],
  • "updatedAt": "2022-01-15T12:34:56.123Z",
  • "createdAt": "2021-01-01T12:34:56.123Z"
}

Edit an organization by ID

Edits an organization data given its ID, the operation will only succeed if the logged user is an administrator of the given organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Request Body schema: application/json

Organization Name

name
string (name)

Organization Name

pictureId
string <uuid> (pictureId)

Profile picture attachment id

email
string (email)

Contact e-mail

Responses

Request samples

Content type
application/json
{
  • "name": "Org Name",
  • "pictureId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "email": "niten@ichi-ryu.com"
}

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "name": "Niten Ichi-ryu",
  • "email": "example@org.com",
  • "picture": "https://zanshin.tenchisecurity.com/assets/images/logo/tenchi_vertical.png",
  • "roles": [ ],
  • "score": "79",
  • "overallScore": "81",
  • "publicScore": "92",
  • "status": "ACTIVE",
  • "tags": [
    ],
  • "updatedAt": "2022-01-15T12:34:56.123Z",
  • "createdAt": "2021-01-01T12:34:56.123Z"
}

Delete organization by ID

Deletes an organization given its ID, the operation will only succeed if the logged user is an administrator of the informed organization. This operation cannot be undone.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-0000-4000-a000-000000000002' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
true

Organization Questionnaires

Organization Questionnaires

Create questionnaire

Create a new questionnaire for organization. Only members can create a questionnaire.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Request Body schema: application/json

Questionnaire Name

name
string (name)

The questionnaire name

description
string (description)

The questionnaire description with markdown

Responses

Request samples

Content type
application/json
{
  • "name": "LGPD Questionnaire",
  • "description": "Was enacted to protect the fundamental rights of freedom and privacy, and the free formation of the personality of each individual"
}

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "organizationId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "version": 0,
  • "name": "LGPD Questionnaire",
  • "description": "Was enacted to protect the fundamental rights of freedom and privacy",
  • "status": "ACTIVE",
  • "createdAt": "2023-12-01T12:34:56.123Z",
  • "updatedAt": "2023-12-01T12:34:56.123Z"
}

Get all questionnaires for organization

Get all questionnaire for organization. Only organization members can get all questionnaires. Can be sorted by name, status, createdAt, updatedAt, version and filtered by status and name.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

query Parameters
order
string
Enum: "name" "status" "version" "createdAt" "updatedAt"
Example: order=version
sort
string
Enum: "asc" "desc"
Example: sort=asc
status
string
Enum: "ACTIVE" "INACTIVE"
Example: status=ACTIVE
name
string
Example: name=myQuestionnaire

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Get a specific questionnaire for organization

Get a specific questionnaire for organization. Only organization members can get all questionnaires.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/f1b6afa7-0000-1111-2222-66e2faf6488e' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "organizationId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "version": 0,
  • "name": "LGPD Questionnaire",
  • "description": "Was enacted to protect the fundamental rights of freedom and privacy",
  • "status": "ACTIVE",
  • "createdAt": "2023-12-01T12:34:56.123Z",
  • "updatedAt": "2023-12-01T12:34:56.123Z"
}

Update a specific questionnaire for organization

Update a specific questionnaire for organization. Only organization member should get all questionnaires.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

Responses

Request samples 

curl -X 'PUT' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/f1b6afa7-0000-1111-2222-66e2faf6488e' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' 
--data '{
          "name": "Questionário 2 UPDATE - Teste",
          "description": "### description markdown SUPER ADMIN UPDATE"
        }'

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "organizationId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "version": 0,
  • "name": "LGPD Questionnaire",
  • "description": "Was enacted to protect the fundamental rights of freedom and privacy",
  • "status": "ACTIVE",
  • "createdAt": "2023-12-01T12:34:56.123Z",
  • "updatedAt": "2023-12-01T12:34:56.123Z"
}

Publish questionnaire

Publish a new questionnaire for organization. Only organization admin members can create a questionnaire.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/publish' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "organizationId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "version": 0,
  • "name": "LGPD Questionnaire",
  • "description": "Was enacted to protect the fundamental rights of freedom and privacy",
  • "status": "ACTIVE",
  • "createdAt": "2023-12-01T12:34:56.123Z",
  • "updatedAt": "2023-12-01T12:34:56.123Z"
}

Send questionnaire

Send a new questionnaire for organization. Only organization admin members can create a questionnaire.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

Request Body schema: application/json
receiverIds
Array of strings <uuid> (receiverIds) [ items <uuid > ]

Questionnaire receiver ids

receiverTags
Array of strings (Receiver tags)

Questionnaire receiver tags

dueDate
string <date-time> (Due Date)

Due date for the assessment

Array of objects (ContactInformation)

Assessment contact information

Responses

Request samples

Content type
application/json
{
  • "receiverIds": [
    ],
  • "receiverTags": [
    ],
  • "dueDate": "2023-12-01T12:34:56.123Z",
  • "contactInformation": [
    ]
}

Response samples

Content type
application/json
true

Get all questionnaire versions

Get all questionnaire versions. Only members can create a questionnaire.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/versions' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Get questionnaire version

Get a specific questionnaire version. Only members can get a questionnaire.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

questionnaireVersion
required
number

Version unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/versions/1' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "organizationId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "version": 0,
  • "name": "LGPD Questionnaire",
  • "description": "Was enacted to protect the fundamental rights of freedom and privacy",
  • "status": "ACTIVE",
  • "createdAt": "2023-12-01T12:34:56.123Z",
  • "updatedAt": "2023-12-01T12:34:56.123Z"
}

Get questionnaire questions by version Deprecated

Get questions for a specific questionnaire version. Only members can get a questionnaire.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

questionnaireVersion
required
number

Version unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/versions/1/questions' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Create questions Deprecated

Create a new question for questionnaire. Only members can create a questionnaire.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/questions' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \
-d '{
      "order": "1",
      "title": "Question 1",
      "description": "Description 1",
      "params": ["SINGLE_CHOICE"],
  }'

Response samples

Content type
application/json
{
  • "id": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "organizationId": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "questionnaireId": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "questionnaireVersion": 0,
  • "order": "a",
  • "title": "My Question",
  • "description": "Question description",
  • "params": {
    }
}

Get all questions Deprecated

Only organization members can get all questions for questionnaire. Can be filtered by title, type and required.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

query Parameters
title
string
Example: title=firstQuestion
type
string
Enum: "TEXT" "SINGLE_CHOICE" "MULTIPLE_CHOICE"
Example: type=TEXT
required
boolean
Example: required=true

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/questions' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Get all assessments for organization

Get all assessments for organization. Only organization members can get all assessments. Sortable by questionnaire name, due date, date sent and status. Filterable by questionnaire name, receiver id, sender id, questionnaire id, due date, status.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Request Body schema: application/json
name
string (name)

Name of the questionnaire (search)

questionnaireIds
Array of strings <uuid> (questionnaireIds) [ items <uuid > ]

Questionnaire ids, passing an empty array will include assessments from all questionnaires

statuses
Array of strings (statuses)
Items Enum: "NEW" "APPROVED" "REJECTED" "REQUESTED_REVIEW" "REQUESTED_CLARIFICATION"

Assessment statuses, passing an empty array will include assessments from all statuses

reviewStatuses
Array of strings (statuses)
Items Enum: "TIMELY" "UNTIMELY"

Assessment review statuses, passing an empty array will include assessments from all statuses

receiverIds
Array of strings <uuid> (receiverIds) [ items <uuid > ]

Receiver ids, passing any value (including empty) will return assessments you sent to the specified receivers. Not passing this parameter will exclude all assessments that you are the sender.

senderIds
Array of strings <uuid> (senderIds) [ items <uuid > ]

Sender ids, passing any value (including empty) will return assessments you received from the specified senders. Not passing this parameter will exclude all assessments that you are the receiver.

dueDateStart
string <date-time> (dueDateStart)

Only assessments with a due date after this date will be included in the response.

dueDateEnd
string <date-time> (dueDateEnd)

Only assessments with a due date before this date will be included in the response.

order
string (order)
Enum: "status" "dueDate" "updatedAt" "name" "createdAt" "senderId"

Order by field

sort
string (sort)
Enum: "asc" "desc"

Sort order

object (pagination)

Results pagination

Responses

Request samples

Content type
application/json
{
  • "name": "myQuestionnaire",
  • "questionnaireIds": [
    ],
  • "statuses": [
    ],
  • "reviewStatuses": [
    ],
  • "receiverIds": [
    ],
  • "senderIds": [
    ],
  • "dueDateStart": "2020-01-15T11:30:59.123Z",
  • "dueDateEnd": "2020-01-15T11:30:59.123Z",
  • "order": "status",
  • "sort": "asc",
  • "pagination": {
    }
}

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "questionnaireId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "questionnaireVersion": 0,
  • "senderId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "receiverId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "name": "LGPD Questionnaire",
  • "description": "Was enacted to protect the fundamental rights of freedom and privacy",
  • "dueDate": "2023-12-01T12:34:56.123Z",
  • "firstRequestedReviewAt": "2023-12-01T11:11:11.123Z",
  • "status": "NEW",
  • "createdAt": "2023-12-01T12:34:56.123Z",
  • "updatedAt": "2023-12-01T12:34:56.123Z"
}

Get assessment by id

Get a specific assessment for an organization. Only organization members can get an assessment.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

assessmentId
required
string

Assessment unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/assessments/00000000-ffff-4000-a000-000000000001' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "questionnaireId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "questionnaireVersion": 0,
  • "senderId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "receiverId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "name": "LGPD Questionnaire",
  • "description": "Was enacted to protect the fundamental rights of freedom and privacy",
  • "dueDate": "2023-12-01T12:34:56.123Z",
  • "firstRequestedReviewAt": "2023-12-01T11:11:11.123Z",
  • "status": "NEW",
  • "createdAt": "2023-12-01T12:34:56.123Z",
  • "updatedAt": "2023-12-01T12:34:56.123Z"
}

Update assessment status

Update assessment status. Only organization members can update an assessment.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

assessmentId
required
string

Assessment unique identifier

Request Body schema: application/json
status
required
string (AssessmentStatusProp)
Enum: "NEW" "REQUESTED_REVIEW" "REQUESTED_CLARIFICATION" "APPROVED" "REJECTED"

Assessment Status

Responses

Request samples

Content type
application/json
{
  • "status": "REQUESTED_REVIEW"
}

Response samples

Content type
application/json
true

Get questions by id Deprecated

Get a question by id for a given questionnaire. Only organization members can get a question.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

questionId
required
string

Question unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/questions/00000007-ffff-4000-a000-000000000007' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \

Response samples

Content type
application/json
{
  • "id": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "organizationId": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "questionnaireId": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "questionnaireVersion": 0,
  • "order": "a",
  • "title": "My Question",
  • "description": "Question description",
  • "params": {
    }
}

Update a question Deprecated

Update a question for a questionnaire. Only organization members can create questions.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

questionId
required
string

Question unique identifier

Responses

Request samples 

curl -X 'PUT' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/questions/30624c82-ff7a-4240-8137-17d9faf6ccbe' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \
-d '{
      "order": "1",
      "title": "Question 1",
      "description": "Description 1",
      "params": ["SINGLE_CHOICE"],
  }'

Response samples

Content type
application/json
{
  • "id": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "organizationId": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "questionnaireId": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "questionnaireVersion": 0,
  • "order": "a",
  • "title": "My Question",
  • "description": "Question description",
  • "params": {
    }
}

Delete question Deprecated

Delete a question from a questionnaire. Only organization members can delete questions.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

questionId
required
string

Question unique identifier

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/questions/qid' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \

Response samples

Content type
application/json
true

Get all schedules for questionnaire

Get all schedules for a questionnaire given both the organization and questionnaire Ids.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/f1b6afa7-0000-1111-2222-66e2faf6488e/schedules' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Create a questionnaire schedule

Create a new schedule for the questionnaire.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

Request Body schema: application/json
name
string (QuestionnaireScheduleNameProps)

Questionnaire schedule name

frequency
string (QuestionnaireScheduleFrequencyProps)
Enum: "MONTHLY" "QUARTERLY" "SEMESTRAL" "YEARLY"

Questionnaire schedule

dueDays
number (QuestionnaireScheduleDueDaysProps) <= 365

Questionnaire schedule due days

receiverTags
Array of strings (QuestionnaireScheduleReceiverTagsProps)

Questionnaire schedule receiver tags

Array of objects (QuestionnaireContactInformationProps)

Assessment contact information

Responses

Request samples

Content type
application/json
{
  • "name": "Daily questionnaire schedule",
  • "frequency": "MONTHLY",
  • "dueDays": 5,
  • "receiverTags": [
    ],
  • "contactInformation": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "058d35d5-1e41-4ff9-8768-c76aa7009fed",
  • "questionnaireId": "53c4706f-55c8-4f91-81ee-3fb773fc219b",
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "name": "Daily questionnaire schedule",
  • "frequency": "MONTHLY",
  • "dueDays": 5,
  • "receiverTags": [
    ],
  • "createdAt": "2021-01-01T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z"
}

Get a specific questionnaire schedule

Get a specific questionnaire schedule given the organization, questionnaire and questionnaire schedule Ids.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

questionnaireScheduleId
required
string

Questionnaire Schedule unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/f1b6afa7-0000-1111-2222-66e2faf6488e/schedules/d95d5785-335e-472a-bd30-0b6c9164c49b' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "id": "058d35d5-1e41-4ff9-8768-c76aa7009fed",
  • "questionnaireId": "53c4706f-55c8-4f91-81ee-3fb773fc219b",
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "name": "Daily questionnaire schedule",
  • "frequency": "MONTHLY",
  • "dueDays": 5,
  • "receiverTags": [
    ],
  • "createdAt": "2021-01-01T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z"
}

Update a questionnaire schedule

Update a questionnaire schedule.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

questionnaireScheduleId
required
string

Questionnaire Schedule unique identifier

Request Body schema: application/json
name
string (QuestionnaireScheduleNameProps)

Questionnaire schedule name

frequency
string (QuestionnaireScheduleFrequencyProps)
Enum: "MONTHLY" "QUARTERLY" "SEMESTRAL" "YEARLY"

Questionnaire schedule

dueDays
number (QuestionnaireScheduleDueDaysProps) <= 365

Questionnaire schedule due days

receiverTags
Array of strings (QuestionnaireScheduleReceiverTagsProps)

Questionnaire schedule receiver tags

Array of objects (QuestionnaireContactInformationProps)

Assessment contact information

Responses

Request samples

Content type
application/json
{
  • "name": "Daily questionnaire schedule",
  • "frequency": "MONTHLY",
  • "dueDays": 5,
  • "receiverTags": [
    ],
  • "contactInformation": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "058d35d5-1e41-4ff9-8768-c76aa7009fed",
  • "questionnaireId": "53c4706f-55c8-4f91-81ee-3fb773fc219b",
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "name": "Daily questionnaire schedule",
  • "frequency": "MONTHLY",
  • "dueDays": 5,
  • "receiverTags": [
    ],
  • "createdAt": "2021-01-01T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z"
}

Remove a questionnaire schedule

Remove a questionnaire schedule given the organization, questionnaire and questionnaire schedule Ids.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

questionnaireScheduleId
required
string

Questionnaire Schedule unique identifier

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/f1b6afa7-0000-1111-2222-66e2faf6488e/schedules/d95d5785-335e-472a-bd30-0b6c9164c49b' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \

Response samples

Content type
application/json
true

Update questionnaire status

Updates the status for the questionnaire.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

Request Body schema: application/json
status
required
string (QuestionnaireStatusProp)
Enum: "ACTIVE" "INACTIVE"

Questionnaire Status

Responses

Request samples

Content type
application/json
{
  • "status": "ACTIVE"
}

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "organizationId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "version": 0,
  • "name": "LGPD Questionnaire",
  • "description": "Was enacted to protect the fundamental rights of freedom and privacy",
  • "status": "ACTIVE",
  • "createdAt": "2023-12-01T12:34:56.123Z",
  • "updatedAt": "2023-12-01T12:34:56.123Z"
}

Get questions and answers for an assessment.

Get questions and answers for an assessment. Can be sorted by answer status and filtered by answer status and question title.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

assessmentId
required
string

Assessment unique identifier

query Parameters
order
string
Value: "status"
Example: order=status
sort
string
Enum: "asc" "desc"
Example: sort=asc
title
string
Example: title=myQuestion
status
string
Enum: "NEW" "APPROVED" "REJECTED" "REQUESTED_REVIEW" "REQUESTED_CLARIFICATION"
Example: status=NEW

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/assessments/00000000-ffff-4000-a000-000000000001/questions' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "data": {
    }
}

Summarizes assessments

An endpoint to get summarized data on assessments sent by the time spent waiting for response. The assessments are grouped by days from 0 to 12+. Can be filtered by assessments createdAt date.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

query Parameters
createdAfterStart
string <date-time>
Example: createdAfterStart=2024-01-15
createdAfterEnd
string <date-time>
Example: createdAfterEnd=2024-02-15

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/summary/assessments' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Get all assessments comments.

Get all assessments comments.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/assessments/comments' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Create Assessment comments

Create assessment comments.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Request Body schema: application/json
content
required
string <markdown> (Content)

Assessment comment content

Responses

Request samples

Content type
application/json
{
  • "content": "Assessment comment"
}

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "organizationId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "content": "Assessment comment",
  • "createdAt": "2021-01-01T12:34:56.123Z"
}

Get question answer.

Get the answer for a question of an assessment

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

assessmentId
required
string

Assessment unique identifier

questionId
required
string

Question unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/assessments/00000000-ffff-4000-a000-000000000001/questions/00000000-ffff-4000-a000-000000000001' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "id": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "order": "a",
  • "title": "My Question",
  • "description": "Question description",
  • "params": {
    },
  • "answer": {
    },
  • "commentCount": 0
}

Create question answer

Create question answer.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

assessmentId
required
string

Assessment unique identifier

questionId
required
string

Question unique identifier

Request Body schema: application/json
Content (object) or Content (object) or Content (object) (AnswerContentProps)

Responses

Request samples

Content type
application/json
{
  • "content": {
    }
}

Response samples

Content type
application/json
{
  • "content": {
    },
  • "status": "NEW",
  • "createdAt": "2021-01-01T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z"
}

Update answer status

Updates the answer status for a question.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

assessmentId
required
string

Assessment unique identifier

questionId
required
string

Question unique identifier

Request Body schema: application/json
status
required
string (AnswerStatusProps)
Enum: "NEW" "APPROVED" "REJECTED" "REQUESTED_REVIEW" "REQUESTED_CLARIFICATION"
object

Responses

Request samples

Content type
application/json
{
  • "status": "NEW",
  • "comment": {
    }
}

Response samples

Content type
application/json
{
  • "content": {
    },
  • "status": "NEW",
  • "createdAt": "2021-01-01T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z"
}

Get all assessment comments.

Get all assessment comments for a question.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

assessmentId
required
string

Assessment unique identifier

questionId
required
string

Question unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/assessments/00000000-ffff-4000-a000-000000000001/questions/00000000-ffff-4000-a000-000000000001/comments' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Create Assessment comments

Create an assessment comment for a question.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

assessmentId
required
string

Assessment unique identifier

questionId
required
string

Question unique identifier

Request Body schema: application/json
content
required
string <markdown> (Content)

Assessment comment content

Responses

Request samples

Content type
application/json
{
  • "content": "Assessment comment"
}

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "organizationId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "content": "Assessment comment",
  • "createdAt": "2021-01-01T12:34:56.123Z"
}

Create elements

Create a new element for questionnaire.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

Request Body schema: application/json
type
required
string (Type)
Enum: "QUESTION" "SECTION"

Element type

order
required
string (Order)

Elements order

required
QuestionProps (object) or SectionProps (object) (Props)

Responses

Request samples

Content type
application/json
{
  • "type": "QUESTION",
  • "order": "a",
  • "props": {
    }
}

Response samples

Content type
application/json
{
  • "id": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "questionnaireId": "99fa643d-45fb-4bf6-9208-3d7319a8ab21",
  • "organizationId": "e81086d0-060e-4bdb-8c56-f9c99a23ea91",
  • "questionnaireVersion": 0,
  • "order": "a",
  • "type": "QUESTION",
  • "props": {
    },
  • "createdAt": "2021-01-01T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z"
}

Get all elements

Only organization members can get all elements for questionnaire.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/elements' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Get element by id

Get a element by id for a given questionnaire. Only organization members can get a element.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

elementId
required
string

Element unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/elements/00000007-ffff-4000-a000-000000000007' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \

Response samples

Content type
application/json
{
  • "id": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "questionnaireId": "99fa643d-45fb-4bf6-9208-3d7319a8ab21",
  • "organizationId": "e81086d0-060e-4bdb-8c56-f9c99a23ea91",
  • "questionnaireVersion": 0,
  • "order": "a",
  • "type": "QUESTION",
  • "props": {
    },
  • "createdAt": "2021-01-01T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z"
}

Update an element

Update an element for a questionnaire. Only organization members can update elements.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

elementId
required
string

Element unique identifier

Request Body schema: application/json
type
required
string (Type)
Enum: "QUESTION" "SECTION"

Element type

order
required
string (Order)

Elements order

required
QuestionProps (object) or SectionProps (object) (Props)

Responses

Request samples

Content type
application/json
{
  • "type": "QUESTION",
  • "order": "a",
  • "props": {
    }
}

Response samples

Content type
application/json
{
  • "id": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "questionnaireId": "99fa643d-45fb-4bf6-9208-3d7319a8ab21",
  • "organizationId": "e81086d0-060e-4bdb-8c56-f9c99a23ea91",
  • "questionnaireVersion": 0,
  • "order": "a",
  • "type": "QUESTION",
  • "props": {
    },
  • "createdAt": "2021-01-01T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z"
}

Delete element

Delete an element from a questionnaire. Only organization members can delete elements.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

elementId
required
string

Element unique identifier

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/elements/00000007-ffff-4000-a000-000000000007' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \

Response samples

Content type
application/json
true

Get questionnaire elements by version

Get elements for a specific questionnaire version.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

questionnaireVersion
required
number

Version unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/questionnaires/00000000-ffff-4000-a000-000000000001/versions/1/elements' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Clone Questionnaire

Clones a specific questionnaire for organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

questionnaireId
required
string

Questionnaire unique identifier

questionnaireVersion
required
number

Version unique identifier

Request Body schema: application/json
name
string (Name)

Questionnaire name

Responses

Request samples

Content type
application/json
{
  • "name": "LGPD Questionnaire"
}

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "organizationId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "version": 0,
  • "name": "LGPD Questionnaire",
  • "description": "Was enacted to protect the fundamental rights of freedom and privacy",
  • "status": "ACTIVE",
  • "createdAt": "2023-12-01T12:34:56.123Z",
  • "updatedAt": "2023-12-01T12:34:56.123Z"
}

Get all assessment elements

Only organization members can get elements for an assessment.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

assessmentId
required
string

Assessment unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/assessments/00000000-ffff-4000-a000-000000000001/elements' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Get assessment element

Only organization members can get an element for an assessment.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

assessmentId
required
string

Assessment unique identifier

elementId
required
string

Element unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-ffff-4000-a000-000000000001/assessments/00000000-ffff-4000-a000-000000000001/elements/00000000-ffff-4000-a000-000000000001' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json'

Response samples

Content type
application/json
{
  • "id": "d95f5beb-5c3c-4ee0-96ba-a769c25496fe",
  • "order": "a",
  • "type": "QUESTION",
  • "props": {
    },
  • "answer": {
    },
  • "commentCount": 0
}

get assessment history

gets assessment history.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organization Id.

assessmentId
required
string <uuid> (questionnaire.AssessmentId)

Assessment Id.

Responses

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

get assessment questions history

gets assessment questions history.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organization Id.

assessmentId
required
string <uuid> (questionnaire.AssessmentId)

Assessment Id.

Responses

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Organization Members

Manage organization members

List organization members

Lists all organization members given the organization ID.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-0000-4000-a000-000000000002/members' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
[
  • {
    }
]

Get organization member details

Gets a user data if and only if the user is a member of the organization given both IDs. Data will only be returned if the logged user is an organization administrator and the user is a member of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

userId
required
string

User unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/members/{userId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
[
  • {
    }
]

Edit user membership

Makes an user an admin or removes admin for an user. The requesting user must be an organization administrator to use this endpoint.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

userId
required
string

User unique identifier

Request Body schema: application/json

Organization member body

roles
Array of strings (roles)

New roles

Responses

Request samples

Content type
application/json
{
  • "roles": [
    ]
}

Response samples

Content type
application/json
{
  • "userId": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "name": "Niten Ichi-ryu",
  • "email": "niten_doraku@edo.com",
  • "roles": [
    ],
  • "picture": "https://s.gravatar.com/avatar/a",
  • "identityProvider": "auth0",
  • "loginsCount": 23,
  • "lastIp": "192.168.0.1",
  • "lastLogin": "1645-06-13T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z",
  • "createdAt": "2021-01-01T12:34:56.123Z"
}

Remove user from organization

Removes and user form a organization given both IDs. The logged user must be an organization administrator to invoke this endpoint. The target user must currently be and organization member for anything to happen.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

userId
required
string

User unique identifier

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/members/{userId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
true

Lists all organization invites

Lists all pending invitations that an organization has given its ID. The logged user must be an organization administrator to fetch the data.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/invites' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
[
  • {
    }
]

Create invitation from organization

Issues an invitation from the given organization (informed as a path param) to a target (informed on the body). The logged user must be an administrator of the organization informed as a path param to invoke this endpoint.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Request Body schema: application/json

Invite data

email
string (email)

Email to invite

roles
Array of strings (roles)

New roles

Responses

Request samples

Content type
application/json
{
  • "email": "niten_doraku@edo.com",
  • "roles": [ ]
}

Response samples

Content type
application/json
{
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "organizationName": "Niten Ichi-ryu",
  • "email": "niten_doraku@edo.com",
  • "roles": [ ],
  • "expiredAt": "2021-06-01T12:34:56.123Z",
  • "createdAt": "2021-01-13T12:34:56.123Z"
}

Get organization invites by email

Lists all invites made to a informed email on behalf of the informed organization. The logged user must be an administratir of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

email
required
string <email>

User registered email

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/invites/{email}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "organizationName": "Niten Ichi-ryu",
  • "email": "niten_doraku@edo.com",
  • "roles": [ ],
  • "expiredAt": "2021-06-01T12:34:56.123Z",
  • "createdAt": "2021-01-13T12:34:56.123Z"
}

Invalidate organization invite

Invalidates an invite made to the informed email on behalf of the informed organization. The logged user must be an administratir of the organization ti use this endpoint.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

email
required
string <email>

User registered email

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/invites/{email}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
true

Resend organization invitation

Resends an invite made to the informed email on behalf of the informed organization. The logged user must be an administrator of the organization to use this endpoint.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

email
required
string <email>

User registered email

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/invites/{email}/resend' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-d ''

Response samples

Content type
application/json
true

Reset organization member mfa

An email will be sent to the user with instructions for resetting the MFA.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

userId
required
string

User unique identifier

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/members/{userId}/mfa/reset' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-d ''

Response samples

Content type
application/json
true

Reset organization member password

An email will be sent to the user with instructions for resetting the password.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

userId
required
string

User unique identifier

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/members/{userId}/password/reset' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-d ''

Response samples

Content type
application/json
true

Organization Followers

Manage followers

List organization followers

Lists all organization followers given the organization ID. The logged user must be an administrator of the organization to use this endpoint.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/followers' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
[
  • {
    }
]

Detail follower

Get details for the follower.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

followerId
required
string

A follower organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/follower/{followerId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "id": "00000000-0000-4000-a000-000000000001",
  • "name": "Niten Ichi-ryu",
  • "picture": "https://s.gravatar.com/avatar/a",
  • "status": "ACTIVE",
  • "share": {
    },
  • "score": "79",
  • "updatedAt": "2022-01-15T12:34:56.123Z",
  • "createdAt": "2021-01-01T12:34:56.123Z"
}

Remove Follower

Remove a follower given both the followed and follower organization IDs. The requesting user must be an administrator of the followed organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

followerId
required
string

A follower organization unique identifier

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/followers/{followerId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
true

List follow requests

Lists all organization follow requests given the organization ID. The logged user must be an administrator of the organization to use this endpoint.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/followers/requests' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
[
  • {
    }
]

Create follow request

Create a follow request from the given organization (informed in the path) to the target organization (informed on the body). The logged user must be an administrator of the path informed organization to use this endpoint.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Request Body schema: application/json

Organization Id for the to be followed org

token
string

Responses

Request samples

Content type
application/json
{
  • "token": "00000000-0000-4000-a000-000000000002"
}

Response samples

Content type
application/json
{
  • "id": "00000000-0000-4000-a000-000000000001",
  • "name": "Niten Ichi-ryu",
  • "picture": "https://s.gravatar.com/avatar/a",
  • "status": "ACTIVE",
  • "share": {
    },
  • "score": "79",
  • "updatedAt": "2022-01-15T12:34:56.123Z",
  • "createdAt": "2021-01-01T12:34:56.123Z"
}

Details follow request

Get a follow request details given the organization ID and a follow erquest unique identifier. The follow request identifier must be valid and must have been issued by or to the organization. The logged user must be an administrator of the organization to use this endpoint.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

followerId
required
string

A follower organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/followers/requests/{followerId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "id": "00000000-0000-4000-a000-000000000001",
  • "name": "Niten Ichi-ryu",
  • "picture": "https://s.gravatar.com/avatar/a",
  • "status": "ACTIVE",
  • "share": {
    },
  • "score": "79",
  • "updatedAt": "2022-01-15T12:34:56.123Z",
  • "createdAt": "2021-01-01T12:34:56.123Z"
}

Cancel follow request

Cancels an issued follow request given the organization ID and a follow request unique identifier. The follow request identifier must be valid and must have been issued by the organization. The logged user must be an administrator of the organization to use this endpoint.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

followerId
required
string

A follower organization unique identifier

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/followers/requests/{followerId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
true

Organization Following

Manage following

List followed organizations

List all companies that are being followed by a given organization. The logged user must be an administrator of the given organization

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/following' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
[
  • {
    }
]

Detail following

Get details for the following.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

followingId
required
string

A following organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/following/{followingId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "id": "00000000-0000-4000-a000-000000000001",
  • "name": "Niten Ichi-ryu",
  • "picture": "https://s.gravatar.com/avatar/a",
  • "status": "ACTIVE",
  • "tags": [
    ],
  • "score": "75",
  • "updatedAt": "2022-01-15T12:34:56.123Z",
  • "createdAt": "2021-01-01T12:34:56.123Z"
}

Stop following

Stops following the provided organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

followingId
required
string

A following organization unique identifier

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/following/{followingId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
true

Update following

Update for the following.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

followingId
required
string

A following organization unique identifier

Responses

Request samples 

curl -X 'PUT' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/following/{followingId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "id": "f12345ab-6cd9-ab88-999e-bbdd2266f1b2",
  • "name": "Niten Ichi-ryu",
  • "email": "example@org.com",
  • "picture": "https://zanshin.tenchisecurity.com/assets/images/logo/tenchi_vertical.png",
  • "roles": [ ],
  • "score": "79",
  • "overallScore": "81",
  • "publicScore": "92",
  • "status": "ACTIVE",
  • "tags": [
    ],
  • "updatedAt": "2022-01-15T12:34:56.123Z",
  • "createdAt": "2021-01-01T12:34:56.123Z"
}

List follow request

List all following requests (when a company asks you to follow them) received by a given organization. The logged user must be an administrator of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/following/requests' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
[
  • {
    }
]

Accepts a follow request

Accepts a following requests (become a follower of) given organization. The logged user must be an administrator of the accepting organization. The token must be valid and submitted to the informed organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

followingId
required
string

A following organization unique identifier

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/following/requests/{followingId}/accept' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-d ''

Response samples

Content type
application/json
{
  • "id": "00000000-0000-4000-a000-000000000001",
  • "name": "Niten Ichi-ryu",
  • "picture": "https://s.gravatar.com/avatar/a",
  • "status": "ACTIVE",
  • "updatedAt": "2022-01-15T12:34:56.123Z",
  • "createdAt": "2021-01-01T12:34:56.123Z"
}

Decline follow request

Declines a following request (decline to become a follower of) given organization. The logged user must be an administrator of the declining organization. The requesting company must be valid and have submitted a prior following request.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

followingId
required
string

A following organization unique identifier

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/following/requests/{followingId}/decline' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-d ''

Response samples

Content type
application/json
true

Organization Following Tags

Manage following tags

List all tags applied to followed organizations

List all tags applied to organizations being followed by a given organization. The logged user must be a member of the organization

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/following/tags' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
[
  • "design",
  • "financial",
  • "customer",
  • "payment"
]

Organization Scan Targets

Manage Scan Targets

List the scans of a scan target

Lists the scan history of a given scan target. The requesting user must be a member of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

scanTargetId
required
string

Scan target unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/scantargets/{sncaTargetId}/scans' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Details a scan

Get detailed data for a specific scan execution. The requesting user must be a member of the organization owning the scan target.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

scanTargetId
required
string

Scan target unique identifier

slot
required
integer <int64>

ID of the scan to return

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/scantargets/{scanTargetId}/scans/{scanId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "execution": "arn:aws:states:us-x-x:account_id:execution:x:45cec8fe-f9f8-4df8-b255-14bf1dae3ab3-20211207-150048341",
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "scanTargetId": "fa000000-0000-4000-a000-000000000001",
  • "slot": "2021-03-08T00:06:02.377Z",
  • "status": "RUNNING",
  • "summary": {
    },
  • "updatedAt": "2022-01-15T12:34:56.123Z",
  • "createdAt": "2022-01-15T12:34:56.123Z"
}

Create a scan target suggestion

Create a scan target suggestion for a following organization. The requesting user must be a member of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
followingId
required
string <uuid> (organization.OrganizationId)
Request Body schema: application/json
required
account
required
string

Scan target suggestion account, for now only domains, should contain only the second-level and top-level domain, without the protocol (https://)

kind
required
string
Enum: "AWS" "AZURE" "BITBUCKET" "DOMAIN" "GCP" "GITHUB" "GITLAB" "GWORKSPACE" "HUAWEI" "JIRA" "MONGODB_ATLAS" "MS365" "ORACLE" "SALESFORCE" "SLACK" "ZENDESK" "CLOUDFLARE" "CROWDSTRIKE_FALCON" "BITDEFENDER"

Responses

Request samples

Content type
application/json
{
  • "account": "tenchisecurity.com",
  • "kind": "DOMAIN"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "account": "tenchisecurity.com",
  • "kind": "DOMAIN",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "createdAt": "2019-08-24T14:15:22Z"
}

Lists organization scan targets

List all scan targets given an organization ID.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/scantargets' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Create a new scan target

Creates a new scan target for the given organization ID.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
Request Body schema: application/json
required
name
required
string

The scan target display name as chosen during onboarding

kind
required
string
Enum: "AWS" "AZURE" "BITBUCKET" "DOMAIN" "GCP" "GITHUB" "GITLAB" "GWORKSPACE" "HUAWEI" "JIRA" "MONGODB_ATLAS" "MS365" "ORACLE" "SALESFORCE" "SLACK" "ZENDESK" "CLOUDFLARE" "CROWDSTRIKE_FALCON" "BITDEFENDER"

The type of resource this scan target represents, either a cloud service provider or external attack surface asset

object

Configuration specific for the scan target kind, for now handles ASM scan modes

groupId
string <uuid>

Scan Target Group unique identifier, which this scan target belongs

object

How frequently this scan target will be scheduled for scanning

object

DEPRECATED (replace by metadata) - Credentials

notification
Array of strings (alert.AlertSeverity)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"

List of alert severities that should send a notification when occur

required
common.ShareAll (object) or common.ShareNone (object) or common.ShareFollowers (object)

Scan Target sharing and visibility configuration

tags
required
Array of strings (scantarget.ScanTargetTag)

List of identification tags added to this scan target, can be used for specific sharing modes

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "kind": "AWS",
  • "options": {
    },
  • "groupId": "eb54e96e-21b8-4f54-9cd4-80fccbd06f55",
  • "schedule": {
    },
  • "credential": {
    },
  • "notification": [
    ],
  • "share": {
    },
  • "tags": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "name": "string",
  • "kind": "AWS",
  • "groupId": "eb54e96e-21b8-4f54-9cd4-80fccbd06f55",
  • "account": "string",
  • "schedule": {
    },
  • "credential": {
    },
  • "status": "NEW",
  • "notification": [
    ],
  • "lastScan": "2019-08-24T14:15:22Z",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "currentScanSlot": "2019-08-24T14:15:22Z",
  • "lastScanSlot": "2019-08-24T14:15:22Z",
  • "share": {
    },
  • "tags": [
    ]
}

List all suggestions

List all scan target suggestions made to a given organization. The requesting user must be a member of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Responses

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Get a scan target suggestion

Get data from a specific scan target suggestion. The requesting user must be a member of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
suggestionId
required
string <uuid> (common.Id)

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "account": "tenchisecurity.com",
  • "kind": "DOMAIN",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "createdAt": "2019-08-24T14:15:22Z"
}

Lists all tags of organization scan targets

Lists all unique tags attached in all organization scan targets.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/scantargets/tags' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
[
  • "string"
]

Scan target details

List details for a specific organization scan target.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
scanTargetId
required
string <uuid> (scantarget.ScanTargetId)

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/scantargets/{scanTargetId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "name": "string",
  • "kind": "AWS",
  • "groupId": "eb54e96e-21b8-4f54-9cd4-80fccbd06f55",
  • "account": "string",
  • "schedule": {
    },
  • "credential": {
    },
  • "status": "NEW",
  • "notification": [
    ],
  • "lastScan": "2019-08-24T14:15:22Z",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "currentScanSlot": "2019-08-24T14:15:22Z",
  • "lastScanSlot": "2019-08-24T14:15:22Z",
  • "share": {
    },
  • "tags": [
    ]
}

Edit scan target

Allows edition of some scan target properties.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
scanTargetId
required
string <uuid> (scantarget.ScanTargetId)
Request Body schema: application/json
required
name
string

The scan target display name as chosen during onboarding

object

Configuration specific for the scan target kind, for now handles ASM scan modes

groupId
string <uuid>

Scan Target Group unique identifier, which this scan target belongs

account
string

DEPRECATED (will be on metadata) - The main identifier of the resource this scan target represents, such as an AWS account ID, Azure tenant ID, GCP project name or DNS domain; the format will depend on which kind of scan target this is

object

How frequently this scan target will be scheduled for scanning

object

DEPRECATED (replace by metadata) - Credentials

status
string
Enum: "NEW" "ACTIVE" "SUSPENDED" "RUNNING" "ERROR" "INVALID_CREDENTIAL"

The current status of the scan target

notification
Array of strings (alert.AlertSeverity)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"

List of alert severities that should send a notification when occur

common.ShareAll (object) or common.ShareNone (object) or common.ShareFollowers (object)

Scan Target sharing and visibility configuration

tags
Array of strings (scantarget.ScanTargetTag)

List of identification tags added to this scan target, can be used for specific sharing modes

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "options": {
    },
  • "groupId": "eb54e96e-21b8-4f54-9cd4-80fccbd06f55",
  • "account": "string",
  • "schedule": {
    },
  • "credential": {
    },
  • "status": "NEW",
  • "notification": [
    ],
  • "share": {
    },
  • "tags": [
    ]
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "name": "string",
  • "kind": "AWS",
  • "groupId": "eb54e96e-21b8-4f54-9cd4-80fccbd06f55",
  • "account": "string",
  • "schedule": {
    },
  • "credential": {
    },
  • "status": "NEW",
  • "notification": [
    ],
  • "lastScan": "2019-08-24T14:15:22Z",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "currentScanSlot": "2019-08-24T14:15:22Z",
  • "lastScanSlot": "2019-08-24T14:15:22Z",
  • "share": {
    },
  • "tags": [
    ]
}

Delete scan target

Delete a scan target from a organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
scanTargetId
required
string <uuid> (scantarget.ScanTargetId)

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/scantargets/{scanTargetId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "statusCode": 400,
  • "error": "BadRequest",
  • "message": "BadRequest"
}

Authorize CS to get scan files

Allows a organization admin to authorize the CS team to download scan files.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
scanTargetId
required
string <uuid> (scantarget.ScanTargetId)
query Parameters
days
number

Default value is 3, cannot be higher than 7.

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/scantargets/{scanTargetId}/authorize-cs-get-scan-files?days=5' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "statusCode": 400,
  • "error": "BadRequest",
  • "message": "BadRequest"
}

Check scan target

Checks if the scan target has proper connectivity with the underlying cloud service provider account, without actually performing a scan.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
scanTargetId
required
string <uuid> (scantarget.ScanTargetId)

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/scantargets/{scanTargetId}/check' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "status": "success",
  • "message": "check.success"
}

Generate new certificate

Generate a certificate for MS365 scan targets.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
scanTargetId
required
string <uuid> (scantarget.ScanTargetId)

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/scantargets/{scanTargetId}/genCertificate' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "downloadLink": "string"
}

Request scan target deletion

Allows a organization admin to request a scan target to be deleted from the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
scanTargetId
required
string <uuid> (scantarget.ScanTargetId)
Request Body schema: application/json
required
userComment
required
string
required
Array of objects (user.UserContact)

Responses

Request samples

Content type
application/json
{
  • "userComment": "string",
  • "userContacts": [
    ]
}

Response samples

Content type
application/json
{
  • "statusCode": 400,
  • "error": "BadRequest",
  • "message": "BadRequest"
}

Manually trigger scan

Manually trigger the scan of a scan target.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
scanTargetId
required
string <uuid> (scantarget.ScanTargetId)
query Parameters
force
string

If 'true', ignore current state and attempt scan anyway. If 'false', will not run scan target with status NEW, ERROR, INVALID_CREDENTIAL or RUNNING Default is 'false'

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/scantargets/{scanTargetId}/scan' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "scanTargetId": "32633caa-78f8-40bd-b819-2deeb6a14790",
  • "slot": "2019-08-24T14:15:22Z",
  • "status": "RUNNING",
  • "summary": {
    },
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z"
}

Manually stop scan

Manually stop a currently RUNNING scan for a scan target.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
scanTargetId
required
string <uuid> (scantarget.ScanTargetId)

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/scantargets/{scanTargetId}/stop' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "scanTargetId": "32633caa-78f8-40bd-b819-2deeb6a14790",
  • "slot": "2019-08-24T14:15:22Z",
  • "status": "RUNNING",
  • "summary": {
    },
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z"
}

Organization Scan Target Groups

Manage Scan Targets Groups

Lists organization scan target groups

List all scan target groups given an organization ID. The logged user must be a member of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/scantargetgroups' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
[
  • {
    }
]

Create scan target Group

Create a scan target group given an organization ID. The logged user must be an admin of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Request Body schema: application/json

Scan Target Group Data to create

name
string (ScanTargetGroupName)

The scan target group assigned name

kind
string (kind)
Enum: "ORACLE" "BITBUCKET" "GITLAB" "MONGODB_ATLAS" "CLOUDFLARE" "IBM_CLOUD"

The type of cloud of this scan target group

notification
Array of strings (Notification)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"

The default notification severity of an alert

HourlySchedule (object) or DailySchedule (object) or WeeklySchedule (object)

The default schedule of the group targets children

Responses

Request samples

Content type
application/json
{
  • "name": "Kami Fujiwara group",
  • "kind": "ORACLE",
  • "notification": [
    ],
  • "schedule": {
    }
}

Response samples

Content type
application/json
{
  • "id": "00000000-0000-4000-a000-000000000001",
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "name": "Kami Fujiwara",
  • "kind": "ORACLE",
  • "credential": "{}"
}

Details of scan targets in a group

Get details of a scan target group given both the organization and scan target group IDs. The logged user must be a member of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

scanTargetGroupId
required
string

Scan target group unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/scantargetgroups/{scanTargetGroupId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "id": "00000000-0000-4000-a000-000000000001",
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "name": "Resource Rollup",
  • "kind": "ORACLE",
  • "credential": {
    }
}

Remove a scan target group

Remove a scan target group given both the organization and scan target group ID. The logged user must be an admin of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

scanTargetGroupId
required
string

Scan target group unique identifier

query Parameters
deleteScanTargets
boolean
Example: deleteScanTargets=true

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/scantargetgroups/{scanTargetGroupId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
true

Update scan target Group

Update an already created scan target group with the terraform returned data, given an organization ID. The logged user must be an admin of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

scanTargetGroupId
required
string

Scan target group unique identifier

Request Body schema: application/json

Scan Target Group Data to update

name
string (ScanTargetGroupName)

The scan target group assigned name

notification
Array of strings (Notification)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"

The default notification severity of an alert

HourlySchedule (object) or DailySchedule (object) or WeeklySchedule (object)

The default schedule of the group targets children

Responses

Request samples

Content type
application/json
{
  • "name": "Kami Fujiwara group",
  • "notification": [
    ],
  • "schedule": {
    }
}

Response samples

Content type
application/json
{
  • "name": "Kami Fujiwara group",
  • "kind": "ORACLE",
  • "credential": {
    },
  • "notification": [
    ],
  • "schedule": {
    }
}

Insert scan target group credential

Insert an already created scan target group with the terraform returned data, given an organization ID. The logged user must be an admin of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

scanTargetGroupId
required
string

Scan target group unique identifier

Request Body schema: application/json

Scan Target Group Data to insert

ScanTargetGroupCredentialListOracle (object) (credential)

Credentials

Responses

Request samples

Content type
application/json
{
  • "credential": {
    }
}

Response samples

Content type
application/json
{
  • "name": "Kami Fujiwara group",
  • "kind": "ORACLE",
  • "credential": {
    },
  • "notification": [
    ],
  • "schedule": {
    }
}

Scan Targets from a scan target group

Get all scan targets from a specific scan target group. The logged user must be a member of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

scanTargetGroupId
required
string

Scan target group unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/scantargetgroups/{scanTargetGroupId}/scantargets' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "id": "00000000-0000-4000-a000-000000000001",
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "name": "Kami Fujiwara",
  • "kind": "AWS",
  • "status": "ACTIVE",
  • "account": "tenchisecurity.com",
  • "credential": {
    },
  • "metadata": { },
  • "schedule": {
    },
  • "updatedAt": "2022-01-15T12:34:56.123Z",
  • "createdAt": "2021-01-01T12:34:56.123Z"
}

List Compartments

Get all compartments from a specific scan target group. The logged user must be a member of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

scanTargetGroupId
required
string

Scan target group unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/scantargetgroups/{scanTargetGroupId}/targets' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
Example
[ ]

Create Scan Target by compartments

Create Scan Targets from previous listed compartments inside the scan target group. The logged user must be a member of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

scanTargetGroupId
required
string

Scan target group unique identifier

Request Body schema: application/json
Array of items (object) or items (object) or items (object) or items (object) or items (object) or items (object)

List of scan targets to be onboarded

Responses

Request samples

Content type
application/json
{
  • "scanTargets": [
    ]
}

Response samples

Content type
application/json
[
  • {
    }
]

Script from scan target group

Get the terraform download URL of the scan target group. The logged user must be a member of the organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

scanTargetGroupId
required
string

Scan target group unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{orgId}/scantargetgroups/{scanTargetGroupId}/scripts' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{}

Organization Webhooks

Manage Webhooks

List the webhooks of an organization

An endpoint to access this webhooks.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-0000-4000-a000-000000000001/webhooks' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \

Response samples

Content type
application/json
{
  • "id": "00000000-0000-4000-a000-000000000001",
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "name": "Tenchi Webhook",
  • "description": "Tenchi Webhook description",
  • "url": "https://zanshin.tenchisecurity.com/webhook",
  • "events": [
    ],
  • "status": "ACTIVE",
  • "authorizationType": "NONE",
  • "createdAt": "2021-01-01T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z"
}

Create organization webhook

Create a webhook given an organization ID.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

Request Body schema: application/json

Webhook Data to create

name
required
string (WebhookNameProp)

The webhook display name as chosen during onboarding

description
required
string (WebhookDescriptionProp)

The webhook display description as chosen during onboarding

url
required
string (WebhookUrlProp)

Webhook Url

events
required
Array of strings (WebhookEventsProp)
Items Enum: "ScanTargetCreated" "ScanTargetDeleted" "OrganizationInviteCreated" "OrganizationInviteDeleted" "OrganizationInviteAccepted" "OrganizationInviteResent"

Webhook Events

required
WebhookAuthorization (object) or WebhookAuthorization (object) or WebhookAuthorization (object) (WebhookAuthorizationProp)

Responses

Request samples

Content type
application/json
{
  • "name": "Tenchi Webhook",
  • "description": "Tenchi Webhook description",
  • "url": "https://zanshin.tenchisecurity.com/webhook",
  • "events": [
    ],
  • "authorization": {
    }
}

Response samples

Content type
application/json
{
  • "id": "00000000-0000-4000-a000-000000000001",
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "name": "Tenchi Webhook",
  • "description": "Tenchi Webhook description",
  • "url": "https://zanshin.tenchisecurity.com/webhook",
  • "events": [
    ],
  • "status": "ACTIVE",
  • "authorizationType": "NONE",
  • "createdAt": "2021-01-01T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z"
}

Ping webhook

Send a ping event to test the webhook.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

webhookId
required
string

Webhook unique identifier

Responses

Request samples 

curl -X 'POST' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-0000-4000-a000-000000000001/webhooks/00000000-0000-4000-a000-100000000001/ping' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \

Response samples

Content type
application/json
true

Gets the webhook

An endpoint to access this webhook.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

webhookId
required
string

Webhook unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-0000-4000-a000-000000000001/webhooks/00000000-0000-4000-a000-100000000001' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \

Response samples

Content type
application/json
{
  • "id": "00000000-0000-4000-a000-000000000001",
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "name": "Tenchi Webhook",
  • "description": "Tenchi Webhook description",
  • "url": "https://zanshin.tenchisecurity.com/webhook",
  • "events": [
    ],
  • "status": "ACTIVE",
  • "authorizationType": "NONE",
  • "createdAt": "2021-01-01T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z"
}

Edit webhook

Edits a webhook given both the organization and webhook IDs

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

webhookId
required
string

Webhook unique identifier

Request Body schema: application/json

WebhoohUpdate Data

name
string (WebhookNameProp)

The webhook display name as chosen during onboarding

description
string (WebhookDescriptionProp)

The webhook display description as chosen during onboarding

url
string (WebhookUrlProp)

Webhook Url

events
Array of strings (WebhookEventsProp)
Items Enum: "ScanTargetCreated" "ScanTargetDeleted" "OrganizationInviteCreated" "OrganizationInviteDeleted" "OrganizationInviteAccepted" "OrganizationInviteResent"

Webhook Events

WebhookAuthorization (object) or WebhookAuthorization (object) or WebhookAuthorization (object) (WebhookAuthorizationProp)

Responses

Request samples

Content type
application/json
{
  • "name": "Tenchi Webhook",
  • "description": "Tenchi Webhook description",
  • "url": "https://zanshin.tenchisecurity.com/webhook",
  • "events": [
    ],
  • "authorization": {
    }
}

Response samples

Content type
application/json
{
  • "id": "00000000-0000-4000-a000-000000000001",
  • "organizationId": "00000000-0000-4000-a000-000000000001",
  • "name": "Tenchi Webhook",
  • "description": "Tenchi Webhook description",
  • "url": "https://zanshin.tenchisecurity.com/webhook",
  • "events": [
    ],
  • "status": "ACTIVE",
  • "authorizationType": "NONE",
  • "createdAt": "2021-01-01T12:34:56.123Z",
  • "updatedAt": "2022-01-15T12:34:56.123Z"
}

Remove a webhook

Remove a webhook given both the organization and webhook IDs

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

webhookId
required
string

Webhook unique identifier

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-0000-4000-a000-000000000001/webhooks/00000000-0000-4000-a000-100000000001' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \

Response samples

Content type
application/json
true

Get webhook usage metrics

An endpoint to get the usage metrics of a specific webhook.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

webhookId
required
string

Webhook unique identifier

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-0000-4000-a000-000000000001/webhooks/00000000-0000-4000-a000-100000000001/metrics' \
-H 'accept: */*' \
-H 'Authorization: Bearer {AUTH_TOKEN}' \
-H 'Content-Type: application/json' \

Response samples

Content type
application/json
{
  • "invocations": {
    },
  • "failedInvocations": {
    }
}

Organization Events

Manage Events

List the events of an organization

List the events of an organization.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string

Organization unique identifier

query Parameters
end
string <date-time>
Example: end=2020-01-15T11:30:59.123Z
start
string <date-time>
Example: start=2020-01-15T11:30:59.123Z
name
string
Example: name=AlertCreated

Require valid event names listed by the GET /events/name endpoint.

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/00000000-0000-4000-a000-000000000002/events' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Get event names

Get all event names divided by entity.

Authorizations:
zanshin_auth

Responses

Request samples 

curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/events/names' \

Response samples

Content type
application/json
{
  • "alert": [
    ],
  • "follower": [
    ],
  • "following": [
    ],
  • "member": [
    ],
  • "organization": [
    ],
  • "answer": [
    ],
  • "assessment": [
    ],
  • "question": [
    ],
  • "questionnaire": [
    ],
  • "scan": [
    ],
  • "scanTarget": [
    ],
  • "webhook": [
    ],
  • "alertComment": [
    ],
  • "assessmentComment": [
    ]
}

Alerts

Manage alerts

List alerts history

List alert history for current user organization.

Authorizations:
zanshin_auth
query Parameters
size
integer <uint16> [ 1 .. 1000 ]
Default: 25
cursor
string
Request Body schema: application/json
required
organizationId
required
string <uuid> (organization.OrganizationId)
scanTargetIds
Array of strings <uuid> (scantarget.ScanTargetId) [ items <uuid > ]
lang
string (common.Language)
Enum: "pt-BR" "en-US"
pageSize
required
integer
cursor
string

Responses

Request samples

Content type
application/json
{
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "scanTargetIds": [
    ],
  • "lang": "pt-BR",
  • "pageSize": 0,
  • "cursor": "string"
}

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Detail alert Deprecated

Get detailed data on a specific alert given the alert ID.

Authorizations:
zanshin_auth
path Parameters
alertId
required
string <uuid> (alert.AlertId)

Responses

Request samples 

curl -X 'GET' \
  'https://api.zanshin.tenchisecurity.com/alerts/{alertId}' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "scanTargetId": "32633caa-78f8-40bd-b819-2deeb6a14790",
  • "rule": "string",
  • "resource": "string",
  • "severity": "CRITICAL",
  • "state": "OPEN",
  • "version": 0,
  • "tags": [
    ],
  • "labels": [
    ],
  • "compliances": [
    ],
  • "enrichment": {
    },
  • "metadata": {
    },
  • "openedAt": "2019-08-24T14:15:22Z",
  • "resolvedAt": "2019-08-24T14:15:22Z",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "ruleTitle": "string",
  • "timelinessThreshold": 0.1
}

List alert comments

Lists all comments for given alert with comment creator information.

Authorizations:
zanshin_auth
path Parameters
alertId
required
string <uuid> (alert.AlertId)
query Parameters
size
integer <uint16> [ 1 .. 1000 ]
Default: 25
page
integer <uint16> >= 1
Default: 1

Responses

Request samples 

curl -X 'GET' \
  'https://api.zanshin.tenchisecurity.com/alerts/{alertId}/comments' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer {AUTH_TOKEN}' \
  -H 'Content-Type: application/json' \

Response samples

Content type
application/json
{
  • "data": [
    ]
}

List alert history

List historical data from given alert.

Authorizations:
zanshin_auth
path Parameters
alertId
required
string <uuid> (alert.AlertId)
query Parameters
size
integer <uint16> [ 1 .. 1000 ]
Default: 25
cursor
string

Responses

Request samples 

curl -X 'GET' \
  'https://api.zanshin.tenchisecurity.com/alerts/{alertId}/history' \
  -H 'accept: application/json' \
  -H 'Authorization: Bearer {AUTH_TOKEN}' \
  -H 'Content-Type: application/json' \

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Update an alert

Updates a alert state and add comments to the alert if necessary.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
scanTargetId
required
string <uuid> (scantarget.ScanTargetId)
alertId
required
string <uuid> (alert.AlertId)
Request Body schema: application/json
required
state
string (alert.AlertState)
Enum: "OPEN" "IN_PROGRESS" "RISK_ACCEPTED" "MITIGATING_CONTROL" "FALSE_POSITIVE" "CLOSED"
labels
Array of strings (alert.AlertLabel)
comment
string

Responses

Request samples

Content type
application/json
{
  • "state": "OPEN",
  • "labels": [
    ],
  • "comment": "string"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "scanTargetId": "32633caa-78f8-40bd-b819-2deeb6a14790",
  • "rule": "string",
  • "resource": "string",
  • "severity": "CRITICAL",
  • "state": "OPEN",
  • "version": 0,
  • "tags": [
    ],
  • "labels": [
    ],
  • "compliances": [
    ],
  • "enrichment": {
    },
  • "metadata": {
    },
  • "openedAt": "2019-08-24T14:15:22Z",
  • "resolvedAt": "2019-08-24T14:15:22Z",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "ruleTitle": "string",
  • "timelinessThreshold": 0.1
}

List alerts

List all organization alerts or a subset based on the given filter.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
query Parameters
size
integer <uint16> [ 1 .. 1000 ]
Default: 25
cursor
string
Request Body schema: application/json
required
rules
Array of strings
states
Array of strings (alert.AlertState)
Items Enum: "OPEN" "IN_PROGRESS" "RISK_ACCEPTED" "MITIGATING_CONTROL" "FALSE_POSITIVE" "CLOSED"
severities
Array of strings (alert.AlertSeverity)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"
scanTargetKinds
Array of strings (scantarget.ScanTargetKind)
Items Enum: "AWS" "AZURE" "BITBUCKET" "DOMAIN" "GCP" "GITHUB" "GITLAB" "GWORKSPACE" "HUAWEI" "JIRA" "MONGODB_ATLAS" "MS365" "ORACLE" "SALESFORCE" "SLACK" "ZENDESK" "CLOUDFLARE" "CROWDSTRIKE_FALCON" "BITDEFENDER"
search
string
lang
string (common.Language)
Enum: "pt-BR" "en-US"
openedAtStart
string <date-time> (common.UTCDateTime)
openedAtEnd
string <date-time> (common.UTCDateTime)
resolvedAtStart
string <date-time> (common.UTCDateTime)
resolvedAtEnd
string <date-time> (common.UTCDateTime)
createdAtStart
string <date-time> (common.UTCDateTime)
createdAtEnd
string <date-time> (common.UTCDateTime)
updatedAtStart
string <date-time> (common.UTCDateTime)
updatedAtEnd
string <date-time> (common.UTCDateTime)
sort
string (common.Sort)
Enum: "DESC" "ASC"
scanTargetIds
Array of strings <uuid> (scantarget.ScanTargetId) [ items <uuid > ]
scanTargetTags
Array of strings (scantarget.ScanTargetTag)
includeEmptyScanTargetTags
boolean (common.IncludeEmptyScanTargetTags)

(Optional) Return objects without any ScanTarget tags.

order
string
Enum: "resource" "rule" "severity" "state" "openedAt" "resolvedAt" "createdAt" "updatedAt" "scanTargetId"

Responses

Request samples

Content type
application/json
{
  • "rules": [
    ],
  • "states": [
    ],
  • "severities": [
    ],
  • "scanTargetKinds": [
    ],
  • "search": "string",
  • "lang": "pt-BR",
  • "openedAtStart": "2019-08-24T14:15:22Z",
  • "openedAtEnd": "2019-08-24T14:15:22Z",
  • "resolvedAtStart": "2019-08-24T14:15:22Z",
  • "resolvedAtEnd": "2019-08-24T14:15:22Z",
  • "createdAtStart": "2019-08-24T14:15:22Z",
  • "createdAtEnd": "2019-08-24T14:15:22Z",
  • "updatedAtStart": "2019-08-24T14:15:22Z",
  • "updatedAtEnd": "2019-08-24T14:15:22Z",
  • "sort": "DESC",
  • "scanTargetIds": [
    ],
  • "scanTargetTags": [
    ],
  • "includeEmptyScanTargetTags": true,
  • "order": "resource"
}

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

List alerts grouped by rules

Get alert count grouped by rules and severities.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
query Parameters
size
integer <uint16> [ 1 .. 1000 ]
Default: 25
cursor
string
Request Body schema: application/json
required
rules
Array of strings
states
Array of strings (alert.AlertState)
Items Enum: "OPEN" "IN_PROGRESS" "RISK_ACCEPTED" "MITIGATING_CONTROL" "FALSE_POSITIVE" "CLOSED"
severities
Array of strings (alert.AlertSeverity)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"
scanTargetKinds
Array of strings (scantarget.ScanTargetKind)
Items Enum: "AWS" "AZURE" "BITBUCKET" "DOMAIN" "GCP" "GITHUB" "GITLAB" "GWORKSPACE" "HUAWEI" "JIRA" "MONGODB_ATLAS" "MS365" "ORACLE" "SALESFORCE" "SLACK" "ZENDESK" "CLOUDFLARE" "CROWDSTRIKE_FALCON" "BITDEFENDER"
search
string
lang
string (common.Language)
Enum: "pt-BR" "en-US"
openedAtStart
string <date-time> (common.UTCDateTime)
openedAtEnd
string <date-time> (common.UTCDateTime)
resolvedAtStart
string <date-time> (common.UTCDateTime)
resolvedAtEnd
string <date-time> (common.UTCDateTime)
createdAtStart
string <date-time> (common.UTCDateTime)
createdAtEnd
string <date-time> (common.UTCDateTime)
updatedAtStart
string <date-time> (common.UTCDateTime)
updatedAtEnd
string <date-time> (common.UTCDateTime)
sort
string (common.Sort)
Enum: "DESC" "ASC"
scanTargetIds
Array of strings <uuid> (scantarget.ScanTargetId) [ items <uuid > ]
scanTargetTags
Array of strings (scantarget.ScanTargetTag)
includeEmptyScanTargetTags
boolean (common.IncludeEmptyScanTargetTags)

(Optional) Return objects without any ScanTarget tags.

order
string
Enum: "rule" "severity" "total"

Responses

Request samples

Content type
application/json
{
  • "rules": [
    ],
  • "states": [
    ],
  • "severities": [
    ],
  • "scanTargetKinds": [
    ],
  • "search": "string",
  • "lang": "pt-BR",
  • "openedAtStart": "2019-08-24T14:15:22Z",
  • "openedAtEnd": "2019-08-24T14:15:22Z",
  • "resolvedAtStart": "2019-08-24T14:15:22Z",
  • "resolvedAtEnd": "2019-08-24T14:15:22Z",
  • "createdAtStart": "2019-08-24T14:15:22Z",
  • "createdAtEnd": "2019-08-24T14:15:22Z",
  • "updatedAtStart": "2019-08-24T14:15:22Z",
  • "updatedAtEnd": "2019-08-24T14:15:22Z",
  • "sort": "DESC",
  • "scanTargetIds": [
    ],
  • "scanTargetTags": [
    ],
  • "includeEmptyScanTargetTags": true,
  • "order": "rule"
}

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Batch edit alerts

Edit a batch of alerts (max 1000) based on a set of filters and/or list of IDs.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
Request Body schema: application/json
required
state
required
Array of strings (alert.AlertState)
Items Enum: "OPEN" "IN_PROGRESS" "RISK_ACCEPTED" "MITIGATING_CONTROL" "FALSE_POSITIVE" "CLOSED"
comment
string
required
object

Responses

Request samples

Content type
application/json
{
  • "state": [
    ],
  • "comment": "string",
  • "condition": {
    }
}

Response samples

Content type
application/json
{
  • "count": 0,
  • "dryRun": true
}

Detail alert

Get detailed data for a specific alert.

Authorizations:
zanshin_auth
path Parameters
alertId
required
string <uuid> (alert.AlertId)
organizationId
required
string <uuid> (organization.OrganizationId)

Responses

Request samples 

  curl -X 'GET' \
'https://api.zanshin.tenchisecurity.com/organizations/{organizationId}/alerts/{alertId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "scanTargetId": "32633caa-78f8-40bd-b819-2deeb6a14790",
  • "rule": "string",
  • "resource": "string",
  • "severity": "CRITICAL",
  • "state": "OPEN",
  • "version": 0,
  • "tags": [
    ],
  • "labels": [
    ],
  • "compliances": [
    ],
  • "enrichment": {
    },
  • "metadata": {
    },
  • "openedAt": "2019-08-24T14:15:22Z",
  • "resolvedAt": "2019-08-24T14:15:22Z",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "ruleTitle": "string",
  • "timelinessThreshold": 0.1
}

Create comment

Create a new comment for the given alert.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
alertId
required
string <uuid> (alert.AlertId)
Request Body schema: application/json
required
comment
required
string
mimeType
string

Responses

Request samples

Content type
application/json
{
  • "comment": "string",
  • "mimeType": "string"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "alertId": "a9367074-b5c3-42c4-9be4-be129f43577e",
  • "userId": "2c4a230c-5085-4924-a3e1-25fb4fc5965b",
  • "comment": "string",
  • "mimeType": "string",
  • "createdAt": "2019-08-24T14:15:22Z"
}

Summaries

Utility ./endpoints for grouped data

Summarizes alerts

Returns summarized data for the scans pertinent to the user. If scanTargetIds is empty or null, all of the scan targets are included.

Authorizations:
zanshin_auth
Request Body schema: application/json

Data to filter

organizationId
required
string (Organization ID)

Organization to filter the summary (OrganizationId)

scanTargetIds
Array of strings (Scan Target ID)

Scan targets to filter summaries from (ScanTargetIds), not passing the field will fetch all

search
string (search)

String to search for

lang
string (lang)
Enum: "pt-BR" "en-US"

Language result should be in

Responses

Request samples

Content type
application/json
{
  • "organizationId": "e0000000-a000-a000-a000-000000000001",
  • "scanTargetIds": [
    ],
  • "search": "dns",
  • "lang": "en-US"
}

Response samples

Content type
application/json
{
  • "total": {
    },
  • "scanTargets": {
    }
}

Summarizes followings alerts over time.

An endpoint to get summarized data on the trend of resolved alerts by thhe followings over the specified dates.

Authorizations:
zanshin_auth
Request Body schema: application/json

Data to filter

organizationId
required
string (Organization ID)

Organization that the requester belongs to, data will be fetched from this organization followings

followingIds
Array of strings (Following ids)

Organizations to filter following alerts from (FollowingIds), all ids must belong to following organizations. not passing the field will fetch from all

severities
Array of strings (Severities)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"

Severities of the alerts to filter, not passing the field will fetch all.

dates
Array of strings (Dates)

Dates to gather the data for (YYYY-MM-DD format), not passing the field will fetch the data for the current day. A maximum of 12 dates can be passed. Passing dates for which the system has no data will result in that item not being included in the response.

Responses

Request samples

Content type
application/json
{
  • "organizationId": "e0000000-a000-a000-a000-000000000001",
  • "followingIds": [
    ],
  • "severities": [
    ],
  • "dates": [
    ]
}

Response samples

Content type
application/json
{
  • "data": [
    ]
}

Summarizes scans

Returns summarized data for the organizations. Only members of the organization can access. Followers don't see summarized data on the scans. Keys that do not exist in the request body will be ignored.

Authorizations:
zanshin_auth
Request Body schema: application/json

Data to filter

organizationId
required
string (Organization ID)

Organization to filter the summary (OrganizationId)

scanTargetIds
Array of strings (Scan Target ID)

Scan targets to filter summaries from (ScanTargetIds), not passing the field will fetch all

search
string (search)

String to search for

lang
string (lang)
Enum: "pt-BR" "en-US"

Language result should be in

Responses

Request samples

Content type
application/json
{
  • "organizationId": "e0000000-a000-a000-a000-000000000001",
  • "scanTargetIds": [
    ],
  • "search": "dns",
  • "lang": "en-US"
}

Response samples

Content type
application/json
{
  • "organization": {
    },
  • "all": {
    }
}

Summarizes following scans

Returns summary data for the following organizations. Only members of the organization can access. Keys that do not exist in the request body will be ignored.

Authorizations:
zanshin_auth
Request Body schema: application/json

Data to filter

organizationId
required
string (Organization ID)

Organization to filter the summary (OrganizationId)

followingIds
Array of strings (Following ID)

Organization ids of following to filter (FollowingIds)

daysBefore
integer (Days Before)

How many days before the current day to fetch data from (default: 7)

Responses

Request samples

Content type
application/json
{
  • "organizationId": "e0000000-a000-a000-a000-000000000001",
  • "followingIds": [
    ],
  • "daysBefore": 5
}

Response samples

Content type
application/json
{
  • "organization": {
    }
}

Summarizes following compliance details

Get following compliance detail summary.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organizaiton Id.

Request Body schema: application/json
required
required
object (summary.Compliance)
followingIds
Array of strings <uuid> (organization.OrganizationId) [ items <uuid > ]
followingTags
Array of strings (follow.FollowTag)
severities
Array of strings (alert.AlertSeverity)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"
includeEmptyFollowingTags
boolean (common.IncludeEmptyFollowingTags)

(Optional) Return objects without any Following tags.

Responses

Request samples

Content type
application/json
{
  • "compliance": {
    },
  • "followingIds": [
    ],
  • "followingTags": [
    ],
  • "severities": [
    ],
  • "includeEmptyFollowingTags": true
}

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Summarizes following compliance overtime

Get following compliance overtime summary.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organizaiton Id.

Request Body schema: application/json
required
required
object (summary.Compliance)
dates
required
Array of strings (common.UTCDate)
followingTags
Array of strings (follow.FollowTag)
followingIds
Array of strings <uuid> (organization.OrganizationId) [ items <uuid > ]
severities
Array of strings (alert.AlertSeverity)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"
includeEmptyFollowingTags
boolean (common.IncludeEmptyFollowingTags)

(Optional) Return objects without any Following tags.

Responses

Request samples

Content type
application/json
{
  • "compliance": {
    },
  • "dates": [
    ],
  • "followingTags": [
    ],
  • "followingIds": [
    ],
  • "severities": [
    ],
  • "includeEmptyFollowingTags": true
}

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Summarizes following scantarget details

Get following scan target summary.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organizaiton Id.

Request Body schema: application/json
required
scanTargetIds
Array of strings <uuid> (scantarget.ScanTargetId) [ 1 .. 10 ] items [ items <uuid > ]
scanTargetTags
Array of strings (scantarget.ScanTargetTag) non-empty
scanTargetKinds
Array of strings (scantarget.ScanTargetKind) non-empty
Items Enum: "AWS" "AZURE" "BITBUCKET" "DOMAIN" "GCP" "GITHUB" "GITLAB" "GWORKSPACE" "HUAWEI" "JIRA" "MONGODB_ATLAS" "MS365" "ORACLE" "SALESFORCE" "SLACK" "ZENDESK" "CLOUDFLARE" "CROWDSTRIKE_FALCON" "BITDEFENDER"
alertSeverities
Array of strings (alert.AlertSeverity) non-empty
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"

Responses

Request samples

Content type
application/json
{
  • "scanTargetIds": [
    ],
  • "scanTargetTags": [
    ],
  • "scanTargetKinds": [
    ],
  • "alertSeverities": [
    ]
}

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Summarizes compliance details

Get compliance detail summary.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organizaiton Id.

Request Body schema: application/json
required
required
object (summary.Compliance)
scanTargetTags
Array of strings (scantarget.ScanTargetTag)
scanTargetIds
Array of strings <uuid> (scantarget.ScanTargetId) [ items <uuid > ]
severities
Array of strings (alert.AlertSeverity)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"
includeEmptyScanTargetTags
boolean (common.IncludeEmptyScanTargetTags)

(Optional) Return objects without any ScanTarget tags.

Responses

Request samples

Content type
application/json
{
  • "compliance": {
    },
  • "scanTargetTags": [
    ],
  • "scanTargetIds": [
    ],
  • "severities": [
    ],
  • "includeEmptyScanTargetTags": true
}

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Summarizes compliance overtime

Get compliance overtime summary.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organizaiton Id.

Request Body schema: application/json
required
required
object (summary.Compliance)
dates
required
Array of strings (common.UTCDate)
scanTargetTags
Array of strings (scantarget.ScanTargetTag)
scanTargetIds
Array of strings <uuid> (scantarget.ScanTargetId) [ items <uuid > ]
severities
Array of strings (alert.AlertSeverity)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"
includeEmptyScanTargetTags
boolean (common.IncludeEmptyScanTargetTags)

(Optional) Return objects without any ScanTarget tags.

Responses

Request samples

Content type
application/json
{
  • "compliance": {
    },
  • "dates": [
    ],
  • "scanTargetTags": [
    ],
  • "scanTargetIds": [
    ],
  • "severities": [
    ],
  • "includeEmptyScanTargetTags": true
}

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Summarizes scantarget detail

get scan target summary.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organization Id.

Request Body schema: application/json
required
scanTargetIds
Array of strings <uuid> (scantarget.ScanTargetId) [ 1 .. 10 ] items [ items <uuid > ]
scanTargetTags
Array of strings (scantarget.ScanTargetTag) non-empty
scanTargetKinds
Array of strings (scantarget.ScanTargetKind) non-empty
Items Enum: "AWS" "AZURE" "BITBUCKET" "DOMAIN" "GCP" "GITHUB" "GITLAB" "GWORKSPACE" "HUAWEI" "JIRA" "MONGODB_ATLAS" "MS365" "ORACLE" "SALESFORCE" "SLACK" "ZENDESK" "CLOUDFLARE" "CROWDSTRIKE_FALCON" "BITDEFENDER"
alertSeverities
Array of strings (alert.AlertSeverity) non-empty
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"

Responses

Request samples

Content type
application/json
{
  • "scanTargetIds": [
    ],
  • "scanTargetTags": [
    ],
  • "scanTargetKinds": [
    ],
  • "alertSeverities": [
    ]
}

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Document

Create document to export alerts Deprecated

Create document to export alerts of organizations (one or more). Only CSV format. Only members or followers can access. Deprecated, use POST /organizations/{organizationId}/documents. To see the documentation, look for the Organization Documents section.

Authorizations:
zanshin_auth
Request Body schema: application/json
language
required
string (language)

User Language

service
required
string (service)

Document service

formats
required
Array of arrays (Email)

Document type. Only CSV format

required
object (Filter param)

Responses

Request samples

Content type
application/json
{
  • "language": "pt-BR",
  • "service": "following.alert.list",
  • "formats": [
    ],
  • "filterParam": {
    }
}

Response samples

Content type
application/json
{
  • "language": "pt-BR",
  • "service": "following.alert.list",
  • "formats": [
    ],
  • "filterParam": {
    },
  • "status": "PENDING",
  • "createdAt": "2023-01-13T12:34:56.123Z",
  • "expires": 1684093592.15,
  • "userId": "000086d0-0000-0000-0000-00000023ea00",
  • "id": "000086d0-0000-0000-0000-00000023ea00"
}

Deletes an generated document alerts

Deletes an generated document alerts. Only members or followers can access.

Authorizations:
zanshin_auth
path Parameters
documentId
required
string

Document Identifier

Responses

Request samples 

curl -X 'DELETE' \
'https://api.zanshin.tenchisecurity.com/me/documents/{documentId}' \
-H 'accept: application/json' \
-H 'Authorization: Bearer {AUTH_TOKEN}'

Response samples

Content type
application/json
true

Events

DocumentCreateEvent Webhook

Request Body schema: application/json
type
required
string
Value: "EVENT"
required
object (document.EventParams)

Request samples

Content type
application/json
{
  • "type": "EVENT",
  • "params": {
    }
}

AlertCommentCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "AlertCommentCreated"
source
required
string
Value: "zanshin.alert.comment"
version
required
integer <uint32>
required
object (alert.AlertComment)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "AlertCommentCreated",
  • "source": "zanshin.alert.comment",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

AlertCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "AlertCreated"
source
required
string
Value: "zanshin.alert"
version
required
integer <uint32>
required
object (alert.Alert)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "AlertCreated",
  • "source": "zanshin.alert",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

AlertFollowingCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "AlertFollowingCreated"
source
required
string
Value: "zanshin.alert"
version
required
integer <uint32>
required
object (alert.Alert)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "AlertFollowingCreated",
  • "source": "zanshin.alert",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

AlertFollowingUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "AlertFollowingUpdated"
source
required
string
Value: "zanshin.alert"
version
required
integer <uint32>
required
object (alert.Alert)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "AlertFollowingUpdated",
  • "source": "zanshin.alert",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

AlertUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "AlertUpdated"
source
required
string
Value: "zanshin.alert"
version
required
integer <uint32>
required
object (alert.Alert)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "AlertUpdated",
  • "source": "zanshin.alert",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

FollowerAcceptedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "FollowerAccepted"
source
required
string
Value: "zanshin.follower"
version
required
integer <uint32>
required
object (follow.FollowRequest)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "FollowerAccepted",
  • "source": "zanshin.follower",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

FollowerDeclinedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "FollowerDeclined"
source
required
string
Value: "zanshin.follower"
version
required
integer <uint32>
required
object (follow.FollowRequest)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "FollowerDeclined",
  • "source": "zanshin.follower",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

FollowerDeletedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "FollowerDeleted"
source
required
string
Value: "zanshin.follower"
version
required
integer <uint32>
required
object (follow.FollowerInfo)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "FollowerDeleted",
  • "source": "zanshin.follower",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

FollowerRequestedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "FollowerRequested"
source
required
string
Value: "zanshin.follower"
version
required
integer <uint32>
required
object (follow.FollowRequest)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "FollowerRequested",
  • "source": "zanshin.follower",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

FollowerUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "FollowerUpdated"
source
required
string
Value: "zanshin.follower"
version
required
integer <uint32>
required
object (follow.FollowerInfo)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "FollowerUpdated",
  • "source": "zanshin.follower",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

FollowingAcceptedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "FollowingAccepted"
source
required
string
Value: "zanshin.following"
version
required
integer <uint32>
required
object (follow.FollowRequest)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "FollowingAccepted",
  • "source": "zanshin.following",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

FollowingDeclinedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "FollowingDeclined"
source
required
string
Value: "zanshin.following"
version
required
integer <uint32>
required
object (follow.FollowRequest)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "FollowingDeclined",
  • "source": "zanshin.following",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

FollowingDeletedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "FollowingDeleted"
source
required
string
Value: "zanshin.following"
version
required
integer <uint32>
required
object (follow.FollowingInfo)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "FollowingDeleted",
  • "source": "zanshin.following",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

FollowingRequestedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "FollowingRequested"
source
required
string
Value: "zanshin.following"
version
required
integer <uint32>
required
object (follow.FollowRequest)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "FollowingRequested",
  • "source": "zanshin.following",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

FollowingUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "FollowingUpdated"
source
required
string
Value: "zanshin.following"
version
required
integer <uint32>
required
object (follow.FollowingInfo)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "FollowingUpdated",
  • "source": "zanshin.following",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

MemberCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "MemberCreated"
source
required
string
Value: "zanshin.member"
version
required
integer <uint32>
required
object (member.Member)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "MemberCreated",
  • "source": "zanshin.member",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

MemberDeletedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "MemberDeleted"
source
required
string
Value: "zanshin.member"
version
required
integer <uint32>
required
object (member.Member)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "MemberDeleted",
  • "source": "zanshin.member",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

MemberInviteAcceptedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "MemberInviteAccepted"
source
required
string
Value: "zanshin.member"
version
required
integer <uint32>
required
object (member.MemberInvite)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "MemberInviteAccepted",
  • "source": "zanshin.member",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

MemberInviteCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "MemberInviteCreated"
source
required
string
Value: "zanshin.member"
version
required
integer <uint32>
required
object (member.MemberInvite)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "MemberInviteCreated",
  • "source": "zanshin.member",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

MemberInviteDeletedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "MemberInviteDeleted"
source
required
string
Value: "zanshin.member"
version
required
integer <uint32>
required
object (member.MemberInvite)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "MemberInviteDeleted",
  • "source": "zanshin.member",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

MemberInviteResentEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "MemberInviteResent"
source
required
string
Value: "zanshin.member"
version
required
integer <uint32>
required
object (member.MemberInvite)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "MemberInviteResent",
  • "source": "zanshin.member",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

MemberMfaResetRequestedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "MemberMfaResetRequested"
source
required
string
Value: "zanshin.member"
version
required
integer <uint32>
required
object (member.Member)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "MemberMfaResetRequested",
  • "source": "zanshin.member",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

MemberPasswordResetRequestedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "MemberPasswordResetRequested"
source
required
string
Value: "zanshin.member"
version
required
integer <uint32>
required
object (member.Member)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "MemberPasswordResetRequested",
  • "source": "zanshin.member",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

MemberUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "MemberUpdated"
source
required
string
Value: "zanshin.member"
version
required
integer <uint32>
required
object (member.Member)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "MemberUpdated",
  • "source": "zanshin.member",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

OrganizationCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "OrganizationCreated"
source
required
string
Value: "zanshin.organization"
version
required
integer <uint32>
required
object (organization.Organization)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "OrganizationCreated",
  • "source": "zanshin.organization",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

OrganizationDeletedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "OrganizationDeleted"
source
required
string
Value: "zanshin.organization"
version
required
integer <uint32>
required
object (organization.Organization)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "OrganizationDeleted",
  • "source": "zanshin.organization",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

OrganizationUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "OrganizationUpdated"
source
required
string
Value: "zanshin.organization"
version
required
integer <uint32>
required
object (organization.Organization)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "OrganizationUpdated",
  • "source": "zanshin.organization",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

AnswerCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "AnswerCreated"
source
required
string
Value: "zanshin.questionnaire.answer"
version
required
integer <uint32>
required
object (questionnaire.Answer)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "AnswerCreated",
  • "source": "zanshin.questionnaire.answer",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

AnswerUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "AnswerUpdated"
source
required
string
Value: "zanshin.questionnaire.answer"
version
required
integer <uint32>
required
object (questionnaire.Answer)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "AnswerUpdated",
  • "source": "zanshin.questionnaire.answer",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

AssessmentCommentEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "AssessmentCommentCreated"
source
required
string
Value: "zanshin.assessment.comment"
version
required
integer <uint32>
required
object (questionnaire.AssessmentComment)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "AssessmentCommentCreated",
  • "source": "zanshin.assessment.comment",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

AssessmentCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "AssessmentCreated"
source
required
string
Value: "zanshin.assessment"
version
required
integer <uint32>
required
object (questionnaire.Assessment)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "AssessmentCreated",
  • "source": "zanshin.assessment",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

AssessmentUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "AssessmentUpdated"
source
required
string
Value: "zanshin.assessment"
version
required
integer <uint32>
required
object (questionnaire.Assessment)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "AssessmentUpdated",
  • "source": "zanshin.assessment",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

ElementCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "ElementCreated"
source
required
string
Value: "zanshin.questionnaire.element"
version
required
integer <uint32>
required
object (questionnaire.Element)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "ElementCreated",
  • "source": "zanshin.questionnaire.element",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

ElementDeletedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "ElementDeleted"
source
required
string
Value: "zanshin.questionnaire.element"
version
required
integer <uint32>
required
object (questionnaire.Element)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "ElementDeleted",
  • "source": "zanshin.questionnaire.element",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

ElementUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "ElementUpdated"
source
required
string
Value: "zanshin.questionnaire.element"
version
required
integer <uint32>
required
object (questionnaire.Element)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "ElementUpdated",
  • "source": "zanshin.questionnaire.element",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

QuestionCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "QuestionCreated"
source
required
string
Value: "zanshin.questionnaire.question"
version
required
integer <uint32>
required
object (questionnaire.Question)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "QuestionCreated",
  • "source": "zanshin.questionnaire.question",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

QuestionDeletedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "QuestionDeleted"
source
required
string
Value: "zanshin.questionnaire.question"
version
required
integer <uint32>
required
object (questionnaire.Question)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "QuestionDeleted",
  • "source": "zanshin.questionnaire.question",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

QuestionUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "QuestionUpdated"
source
required
string
Value: "zanshin.questionnaire.question"
version
required
integer <uint32>
required
object (questionnaire.Question)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "QuestionUpdated",
  • "source": "zanshin.questionnaire.question",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

QuestionnaireCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "QuestionnaireCreated"
source
required
string
Value: "zanshin.questionnaire"
version
required
integer <uint32>
required
object (questionnaire.Questionnaire)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "QuestionnaireCreated",
  • "source": "zanshin.questionnaire",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

QuestionnairePublishedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "QuestionnairePublished"
source
required
string
Value: "zanshin.questionnaire"
version
required
integer <uint32>
required
object (questionnaire.Questionnaire)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "QuestionnairePublished",
  • "source": "zanshin.questionnaire",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

QuestionnaireSentEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "QuestionnaireSent"
source
required
string
Value: "zanshin.questionnaire"
version
required
integer <uint32>
required
object (questionnaire.Questionnaire)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "QuestionnaireSent",
  • "source": "zanshin.questionnaire",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

QuestionnaireUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "QuestionnaireUpdated"
source
required
string
Value: "zanshin.questionnaire"
version
required
integer <uint32>
required
object (questionnaire.Questionnaire)
required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "QuestionnaireUpdated",
  • "source": "zanshin.questionnaire",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

ScanCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "ScanCreated"
source
required
string
Value: "zanshin.scan"
version
required
integer <uint32>
required
object (scan.Scan)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "ScanCreated",
  • "source": "zanshin.scan",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

ScanUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "ScanUpdated"
source
required
string
Value: "zanshin.scan"
version
required
integer <uint32>
required
object (scan.Scan)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "ScanUpdated",
  • "source": "zanshin.scan",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

ScanTargetCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "ScanTargetCreated"
source
required
string
Value: "zanshin.scanTarget"
version
required
integer <uint32>
required
object (scantarget.ScanTarget)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "ScanTargetCreated",
  • "source": "zanshin.scanTarget",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

ScanTargetDeletedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "ScanTargetDeleted"
source
required
string
Value: "zanshin.scanTarget"
version
required
integer <uint32>
required
object (scantarget.ScanTarget)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "ScanTargetDeleted",
  • "source": "zanshin.scanTarget",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

ScanTargetUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "ScanTargetUpdated"
source
required
string
Value: "zanshin.scanTarget"
version
required
integer <uint32>
required
object (scantarget.ScanTarget)

The template for picking properties.

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "ScanTargetUpdated",
  • "source": "zanshin.scanTarget",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

WebhookCreatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "WebhookCreated"
source
required
string
Value: "zanshin.webhook"
version
required
integer <uint32>
required
object (webhook.Webhook)

Webhook data

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "WebhookCreated",
  • "source": "zanshin.webhook",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

WebhookDeletedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "WebhookDeleted"
source
required
string
Value: "zanshin.webhook"
version
required
integer <uint32>
required
object (webhook.Webhook)

Webhook data

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "WebhookDeleted",
  • "source": "zanshin.webhook",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

WebhookUpdatedEvent Webhook

Request Body schema: application/json
id
required
string <uuid> (common.EventId)
name
required
string
Value: "WebhookUpdated"
source
required
string
Value: "zanshin.webhook"
version
required
integer <uint32>
required
object (webhook.Webhook)

Webhook data

required
object
createdAt
required
string <date-time> (common.UTCDateTime)

Request samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "name": "WebhookUpdated",
  • "source": "zanshin.webhook",
  • "version": 0,
  • "data": {
    },
  • "metadata": {
    },
  • "createdAt": "2019-08-24T14:15:22Z"
}

Following Alerts

List following alert history

Authorizations:
zanshin_auth
query Parameters
size
integer <uint16> [ 1 .. 1000 ]
Default: 25
cursor
string
Request Body schema: application/json
required
organizationId
required
string <uuid> (organization.OrganizationId)
followingIds
Array of strings <uuid> (scantarget.ScanTargetId) [ items <uuid > ]
lang
string (common.Language)
Enum: "pt-BR" "en-US"
pageSize
required
integer
cursor
string

Responses

Request samples

Content type
application/json
{
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "followingIds": [
    ],
  • "lang": "pt-BR",
  • "pageSize": 0,
  • "cursor": "string"
}

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

List following alerts

List all alerts for followed organizations.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
query Parameters
size
integer <uint16> [ 1 .. 1000 ]
Default: 25
cursor
string
Request Body schema: application/json
required
rules
Array of strings
states
Array of strings (alert.AlertState)
Items Enum: "OPEN" "IN_PROGRESS" "RISK_ACCEPTED" "MITIGATING_CONTROL" "FALSE_POSITIVE" "CLOSED"
severities
Array of strings (alert.AlertSeverity)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"
scanTargetKinds
Array of strings (scantarget.ScanTargetKind)
Items Enum: "AWS" "AZURE" "BITBUCKET" "DOMAIN" "GCP" "GITHUB" "GITLAB" "GWORKSPACE" "HUAWEI" "JIRA" "MONGODB_ATLAS" "MS365" "ORACLE" "SALESFORCE" "SLACK" "ZENDESK" "CLOUDFLARE" "CROWDSTRIKE_FALCON" "BITDEFENDER"
search
string
lang
string (common.Language)
Enum: "pt-BR" "en-US"
openedAtStart
string <date-time> (common.UTCDateTime)
openedAtEnd
string <date-time> (common.UTCDateTime)
resolvedAtStart
string <date-time> (common.UTCDateTime)
resolvedAtEnd
string <date-time> (common.UTCDateTime)
createdAtStart
string <date-time> (common.UTCDateTime)
createdAtEnd
string <date-time> (common.UTCDateTime)
updatedAtStart
string <date-time> (common.UTCDateTime)
updatedAtEnd
string <date-time> (common.UTCDateTime)
sort
string (common.Sort)
Enum: "DESC" "ASC"
followingIds
Array of strings <uuid> (organization.OrganizationId) [ items <uuid > ]
followingTags
Array of strings (follow.FollowTag)
includeEmptyFollowingTags
boolean (common.IncludeEmptyFollowingTags)

(Optional) Return objects without any Following tags.

order
string
Enum: "resource" "rule" "severity" "state" "openedAt" "resolvedAt" "createdAt" "updatedAt" "followingIds"

Responses

Request samples

Content type
application/json
{
  • "rules": [
    ],
  • "states": [
    ],
  • "severities": [
    ],
  • "scanTargetKinds": [
    ],
  • "search": "string",
  • "lang": "pt-BR",
  • "openedAtStart": "2019-08-24T14:15:22Z",
  • "openedAtEnd": "2019-08-24T14:15:22Z",
  • "resolvedAtStart": "2019-08-24T14:15:22Z",
  • "resolvedAtEnd": "2019-08-24T14:15:22Z",
  • "createdAtStart": "2019-08-24T14:15:22Z",
  • "createdAtEnd": "2019-08-24T14:15:22Z",
  • "updatedAtStart": "2019-08-24T14:15:22Z",
  • "updatedAtEnd": "2019-08-24T14:15:22Z",
  • "sort": "DESC",
  • "followingIds": [
    ],
  • "followingTags": [
    ],
  • "includeEmptyFollowingTags": true,
  • "order": "resource"
}

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

List following alerts grouped by rules

Get followed organizations alert data grouped by rule and severities

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
query Parameters
size
integer <uint16> [ 1 .. 1000 ]
Default: 25
cursor
string
Request Body schema: application/json
required
rules
Array of strings
states
Array of strings (alert.AlertState)
Items Enum: "OPEN" "IN_PROGRESS" "RISK_ACCEPTED" "MITIGATING_CONTROL" "FALSE_POSITIVE" "CLOSED"
severities
Array of strings (alert.AlertSeverity)
Items Enum: "CRITICAL" "HIGH" "MEDIUM" "LOW" "INFO"
scanTargetKinds
Array of strings (scantarget.ScanTargetKind)
Items Enum: "AWS" "AZURE" "BITBUCKET" "DOMAIN" "GCP" "GITHUB" "GITLAB" "GWORKSPACE" "HUAWEI" "JIRA" "MONGODB_ATLAS" "MS365" "ORACLE" "SALESFORCE" "SLACK" "ZENDESK" "CLOUDFLARE" "CROWDSTRIKE_FALCON" "BITDEFENDER"
search
string
lang
string (common.Language)
Enum: "pt-BR" "en-US"
openedAtStart
string <date-time> (common.UTCDateTime)
openedAtEnd
string <date-time> (common.UTCDateTime)
resolvedAtStart
string <date-time> (common.UTCDateTime)
resolvedAtEnd
string <date-time> (common.UTCDateTime)
createdAtStart
string <date-time> (common.UTCDateTime)
createdAtEnd
string <date-time> (common.UTCDateTime)
updatedAtStart
string <date-time> (common.UTCDateTime)
updatedAtEnd
string <date-time> (common.UTCDateTime)
sort
string (common.Sort)
Enum: "DESC" "ASC"
followingIds
Array of strings <uuid> (organization.OrganizationId) [ items <uuid > ]
followingTags
Array of strings (follow.FollowTag)
includeEmptyFollowingTags
boolean (common.IncludeEmptyFollowingTags)

(Optional) Return objects without any Following tags.

order
string
Enum: "rule" "severity" "total"

Responses

Request samples

Content type
application/json
{
  • "rules": [
    ],
  • "states": [
    ],
  • "severities": [
    ],
  • "scanTargetKinds": [
    ],
  • "search": "string",
  • "lang": "pt-BR",
  • "openedAtStart": "2019-08-24T14:15:22Z",
  • "openedAtEnd": "2019-08-24T14:15:22Z",
  • "resolvedAtStart": "2019-08-24T14:15:22Z",
  • "resolvedAtEnd": "2019-08-24T14:15:22Z",
  • "createdAtStart": "2019-08-24T14:15:22Z",
  • "createdAtEnd": "2019-08-24T14:15:22Z",
  • "updatedAtStart": "2019-08-24T14:15:22Z",
  • "updatedAtEnd": "2019-08-24T14:15:22Z",
  • "sort": "DESC",
  • "followingIds": [
    ],
  • "followingTags": [
    ],
  • "includeEmptyFollowingTags": true,
  • "order": "rule"
}

Response samples

Content type
application/json
{
  • "data": [
    ],
  • "cursor": "string"
}

Attachments

Create Attachment

Creates an Attachment.

Authorizations:
zanshin_auth
Request Body schema: application/json
required
fileName
required
string
contentLength
required
number
contentType
required
string
contentMD5
required
string
expiresAt
required
string <date-time> (common.UTCDateTime)

Responses

Request samples

Content type
application/json
{
  • "fileName": "string",
  • "contentLength": 0,
  • "contentType": "string",
  • "contentMD5": "string",
  • "expiresAt": "2019-08-24T14:15:22Z"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "fileName": "string",
  • "contentLength": 0,
  • "contentType": "string",
  • "contentMD5": "string",
  • "url": "string",
  • "accessControl": {
    },
  • "status": "NEW",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "_TTL": 0
}

Detail Attachment

Details an Attachment.

Authorizations:
zanshin_auth
path Parameters
attachmentId
required
string <uuid> (common.AttachmentId)

Responses

Request samples 

curl -X 'GET' \
    'https://api.zanshin.tenchisecurity.com/attachment/{attachmentId}/' \
    -H 'accept: application/json' \
    -H 'Authorization: Bearer {AUTH_TOKEN}' \

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "fileName": "string",
  • "contentLength": 0,
  • "contentType": "string",
  • "contentMD5": "string",
  • "url": "string",
  • "accessControl": {
    },
  • "status": "NEW",
  • "createdAt": "2019-08-24T14:15:22Z",
  • "updatedAt": "2019-08-24T14:15:22Z",
  • "_TTL": 0
}

Oauth

Organization Documents

Create Document Export

Create document to export alerts of organizations (CSV), following organizations (CSV), organization events (CSV), third party reports (PDF) and questionnaire reports (PDF).

Only members or followers can access.

This endpoint creates a pending request to generate an attachment with the export. When the export is ready, the status will change from PENDING to DONE and the field attachmentId will contain the id of the attachment that contains the download URL. The request GET /attachment/{attachmentId} returns details of the attachment.

To export alerts of organizations, the filter is the same used to list alerts in POST /organizations/{organizationId}/alerts.

To export alerts of following organizations, the filter is the same used to list following alerts in POST /organizations/{organizationId}/followings/alerts.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
Request Body schema: application/json
required
Any of
type
required
string
Value: "QUESTIONNAIRE_REPORT"
required
object (document.QuestionnaireReportParams)

Responses

Request samples

Content type
application/json
Example
{
  • "type": "QUESTIONNAIRE_REPORT",
  • "params": {
    }
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "userId": "2c4a230c-5085-4924-a3e1-25fb4fc5965b",
  • "attachmentId": "96b9bbac-86d3-4497-9e0c-1f8e3803eddb",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "status": "PENDING",
  • "type": "QUESTIONNAIRE_REPORT",
  • "params": {
    },
  • "createdAt": "2019-08-24T14:15:22Z",
  • "expiresAt": "2019-08-24T14:15:22Z"
}

Followers

Create following request

Accept a following request.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organization Id.

followerId
required
string <uuid> (organization.OrganizationId)

Follower Id.

Responses

Response samples

Content type
application/json
{
  • "followingId": "6338e9fd-6a02-4721-9c37-b1e04d194fe9",
  • "followingName": "string",
  • "followerId": "62213f7a-f0bf-47a0-a6dd-74e2885412b0",
  • "followerName": "string",
  • "tags": [
    ],
  • "createdAt": "2019-08-24T14:15:22Z"
}

Create following request

Decline a following request.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organization Id.

followerId
required
string <uuid> (organization.OrganizationId)

Follower Id.

Responses

Response samples

Content type
application/json
{
  • "followingId": "6338e9fd-6a02-4721-9c37-b1e04d194fe9",
  • "followingName": "string",
  • "followerId": "62213f7a-f0bf-47a0-a6dd-74e2885412b0",
  • "followerName": "string",
  • "tags": [
    ],
  • "createdAt": "2019-08-24T14:15:22Z"
}

Following

Create following request

Create a following request.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organization Id.

Request Body schema: application/json
required
followingId
required
string <uuid> (organization.OrganizationId)
followMode
string (follow.FollowMode)
Enum: "COOPERATIVE" "ANONYMOUS"
followTags
Array of strings (follow.FollowTag)
Array of objects (user.UserContact)
object (organization.OrganizationCreate)

The template for picking properties.

Array of objects (scantarget.ScanTargetSuggestionCreate)

Responses

Request samples

Content type
application/json
{
  • "followingId": "6338e9fd-6a02-4721-9c37-b1e04d194fe9",
  • "followMode": "COOPERATIVE",
  • "followTags": [
    ],
  • "userContacts": [
    ],
  • "organizationInformation": {
    },
  • "scanTargetSuggestions": [
    ]
}

Response samples

Content type
application/json
{
  • "followingId": "6338e9fd-6a02-4721-9c37-b1e04d194fe9",
  • "followingName": "string",
  • "followerId": "62213f7a-f0bf-47a0-a6dd-74e2885412b0",
  • "followerName": "string",
  • "createdAt": "2019-08-24T14:15:22Z"
}

Roles

Create organization role

Create organization role.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organization Id.

Request Body schema: application/json
required
name
required
string
description
required
string
landingPage
required
string (roles.RoleLandingPage)
Enum: "ORGANIZATION_DASHBOARD" "ORGANIZATION_MEMBERS" "ORGANIZATION_SETTINGS" "FOLLOWING_DASHBOARD" "FOLLOWERS_DASHBOARD"
organizationSettings
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
organizationMembers
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
organizationAlerts
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
organizationScanTargets
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
organizationScanTargetsTags
Array of strings
followingAlerts
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
followingQuestionnaires
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
followingAssessments
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
followingOrganizations
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
followingOrganizationsTags
Array of strings
followerAssessments
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
followerOrganizations
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "description": "string",
  • "landingPage": "ORGANIZATION_DASHBOARD",
  • "organizationSettings": "FULL_ACCESS",
  • "organizationMembers": "FULL_ACCESS",
  • "organizationAlerts": "FULL_ACCESS",
  • "organizationScanTargets": "FULL_ACCESS",
  • "organizationScanTargetsTags": [
    ],
  • "followingAlerts": "FULL_ACCESS",
  • "followingQuestionnaires": "FULL_ACCESS",
  • "followingAssessments": "FULL_ACCESS",
  • "followingOrganizations": "FULL_ACCESS",
  • "followingOrganizationsTags": [
    ],
  • "followerAssessments": "FULL_ACCESS",
  • "followerOrganizations": "FULL_ACCESS"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "name": "string",
  • "description": "string",
  • "landingPage": "ORGANIZATION_DASHBOARD",
  • "organizationSettings": "FULL_ACCESS",
  • "organizationMembers": "FULL_ACCESS",
  • "organizationAlerts": "FULL_ACCESS",
  • "organizationScanTargets": "FULL_ACCESS",
  • "organizationScanTargetsTags": [
    ],
  • "followingAlerts": "FULL_ACCESS",
  • "followingQuestionnaires": "FULL_ACCESS",
  • "followingAssessments": "FULL_ACCESS",
  • "followingOrganizations": "FULL_ACCESS",
  • "followingOrganizationsTags": [
    ],
  • "followerAssessments": "FULL_ACCESS",
  • "followerOrganizations": "FULL_ACCESS"
}

List organization roles

List all organization roles.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organization Id.

Responses

Response samples

Content type
application/json
[
  • {
    }
]

Get organization role

Get organization role.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organization Id.

roleId
required
string <uuid> (common.Id)

Id.

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "name": "string",
  • "description": "string",
  • "landingPage": "ORGANIZATION_DASHBOARD",
  • "organizationSettings": "FULL_ACCESS",
  • "organizationMembers": "FULL_ACCESS",
  • "organizationAlerts": "FULL_ACCESS",
  • "organizationScanTargets": "FULL_ACCESS",
  • "organizationScanTargetsTags": [
    ],
  • "followingAlerts": "FULL_ACCESS",
  • "followingQuestionnaires": "FULL_ACCESS",
  • "followingAssessments": "FULL_ACCESS",
  • "followingOrganizations": "FULL_ACCESS",
  • "followingOrganizationsTags": [
    ],
  • "followerAssessments": "FULL_ACCESS",
  • "followerOrganizations": "FULL_ACCESS"
}

Return the deleted organization role

Delete organization role.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organization Id.

roleId
required
string <uuid> (common.Id)

Id.

Responses

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "name": "string",
  • "description": "string",
  • "landingPage": "ORGANIZATION_DASHBOARD",
  • "organizationSettings": "FULL_ACCESS",
  • "organizationMembers": "FULL_ACCESS",
  • "organizationAlerts": "FULL_ACCESS",
  • "organizationScanTargets": "FULL_ACCESS",
  • "organizationScanTargetsTags": [
    ],
  • "followingAlerts": "FULL_ACCESS",
  • "followingQuestionnaires": "FULL_ACCESS",
  • "followingAssessments": "FULL_ACCESS",
  • "followingOrganizations": "FULL_ACCESS",
  • "followingOrganizationsTags": [
    ],
  • "followerAssessments": "FULL_ACCESS",
  • "followerOrganizations": "FULL_ACCESS"
}

Update organization role

Update organization rule.

path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)

Organization Id.

roleId
required
string <uuid> (common.Id)

Id.

Request Body schema: application/json
required
name
required
string
description
required
string
landingPage
required
string (roles.RoleLandingPage)
Enum: "ORGANIZATION_DASHBOARD" "ORGANIZATION_MEMBERS" "ORGANIZATION_SETTINGS" "FOLLOWING_DASHBOARD" "FOLLOWERS_DASHBOARD"
organizationSettings
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
organizationMembers
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
organizationAlerts
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
organizationScanTargets
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
organizationScanTargetsTags
Array of strings
followingAlerts
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
followingQuestionnaires
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
followingAssessments
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
followingOrganizations
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
followingOrganizationsTags
Array of strings
followerAssessments
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"
followerOrganizations
required
string (roles.RolePermission)
Enum: "FULL_ACCESS" "READ_ONLY" "NO_ACCESS"

Responses

Request samples

Content type
application/json
{
  • "name": "string",
  • "description": "string",
  • "landingPage": "ORGANIZATION_DASHBOARD",
  • "organizationSettings": "FULL_ACCESS",
  • "organizationMembers": "FULL_ACCESS",
  • "organizationAlerts": "FULL_ACCESS",
  • "organizationScanTargets": "FULL_ACCESS",
  • "organizationScanTargetsTags": [
    ],
  • "followingAlerts": "FULL_ACCESS",
  • "followingQuestionnaires": "FULL_ACCESS",
  • "followingAssessments": "FULL_ACCESS",
  • "followingOrganizations": "FULL_ACCESS",
  • "followingOrganizationsTags": [
    ],
  • "followerAssessments": "FULL_ACCESS",
  • "followerOrganizations": "FULL_ACCESS"
}

Response samples

Content type
application/json
{
  • "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
  • "organizationId": "7bc05553-4b68-44e8-b7bc-37be63c6d9e9",
  • "name": "string",
  • "description": "string",
  • "landingPage": "ORGANIZATION_DASHBOARD",
  • "organizationSettings": "FULL_ACCESS",
  • "organizationMembers": "FULL_ACCESS",
  • "organizationAlerts": "FULL_ACCESS",
  • "organizationScanTargets": "FULL_ACCESS",
  • "organizationScanTargetsTags": [
    ],
  • "followingAlerts": "FULL_ACCESS",
  • "followingQuestionnaires": "FULL_ACCESS",
  • "followingAssessments": "FULL_ACCESS",
  • "followingOrganizations": "FULL_ACCESS",
  • "followingOrganizationsTags": [
    ],
  • "followerAssessments": "FULL_ACCESS",
  • "followerOrganizations": "FULL_ACCESS"
}

Admin

Decline a scan target suggestion

Decline a specific scan target suggestion for a given organization. Only available for super admins.

Authorizations:
zanshin_auth
path Parameters
organizationId
required
string <uuid> (organization.OrganizationId)
suggestionId
required
string <uuid> (common.Id)

Responses

Response samples

Content type
application/json
{
  • "statusCode": 400,
  • "error": "BadRequest",
  • "message": "BadRequest"
}