Documentation Index
Fetch the complete documentation index at: https://docs.vidocsecurity.com/llms.txt
Use this file to discover all available pages before exploring further.
The Issues API allows you to programmatically access security findings from your scans.
The Issues API is available for enterprise plans. Contact support for access.
List Issues
Endpoint
Query Parameters
| Parameter | Type | Description |
|---|
projectId | string | Filter by project |
codebaseId | string | Filter by repository |
status | string | open, ignored, closed |
severity | string | critical, high, medium, low, informative |
category | string | Security category (e.g., sqli, xss) |
limit | number | Results per page (default: 50, max: 100) |
offset | number | Pagination offset |
Example Request
curl "https://api.vidocsecurity.com/v1/issues?status=open&severity=critical" \
-H "Authorization: Bearer $VIDOC_API_KEY"
Response
{
"issues": [
{
"id": "issue_abc123",
"title": "SQL Injection in user query",
"severity": "critical",
"category": "sqli",
"status": "open",
"filePath": "src/db/users.js",
"lineNumber": 45,
"codebaseId": "codebase_xyz",
"branch": "main",
"createdAt": "2024-01-15T10:35:00Z"
}
],
"total": 1,
"limit": 50,
"offset": 0
}
Get Issue Details
Endpoint
Example Request
curl https://api.vidocsecurity.com/v1/issues/issue_abc123 \
-H "Authorization: Bearer $VIDOC_API_KEY"
Response
{
"id": "issue_abc123",
"title": "SQL Injection in user query",
"description": "User input is directly concatenated into SQL query without sanitization.",
"severity": "critical",
"category": "sqli",
"status": "open",
"filePath": "src/db/users.js",
"lineNumber": 45,
"codeSnippet": "const query = `SELECT * FROM users WHERE id = ${userId}`;",
"remediation": "Use parameterized queries to prevent SQL injection.",
"codebaseId": "codebase_xyz",
"branch": "main",
"scanId": "scan_789",
"createdAt": "2024-01-15T10:35:00Z"
}
Update Issue Status
Endpoint
PATCH /v1/issues/:issueId
Request Body
| Field | Type | Description |
|---|
status | string | New status: open, ignored, closed |
reason | string | Reason (required for ignored) |
Mark as Fixed
curl -X PATCH https://api.vidocsecurity.com/v1/issues/issue_abc123 \
-H "Authorization: Bearer $VIDOC_API_KEY" \
-H "Content-Type: application/json" \
-d '{"status": "closed"}'
Ignore Issue
curl -X PATCH https://api.vidocsecurity.com/v1/issues/issue_abc123 \
-H "Authorization: Bearer $VIDOC_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"status": "ignored",
"reason": "False positive - input is sanitized in middleware"
}'
Response
{
"id": "issue_abc123",
"status": "ignored",
"updatedAt": "2024-01-15T11:00:00Z"
}
Issue Categories
| Category | Description |
|---|
sqli | SQL Injection |
xss | Cross-Site Scripting |
command-injection | Command Injection |
ssrf | Server-Side Request Forgery |
path-traversal | Path Traversal |
idor | Insecure Direct Object Reference |
hardcoded-secrets | Hardcoded Credentials |
weak-cryptography | Weak Cryptography |
async function getAllIssues(apiKey, projectId) {
const issues = [];
let offset = 0;
const limit = 100;
while (true) {
const response = await fetch(
`https://api.vidocsecurity.com/v1/issues?projectId=${projectId}&limit=${limit}&offset=${offset}`,
{
headers: { 'Authorization': `Bearer ${apiKey}` }
}
);
const data = await response.json();
issues.push(...data.issues);
if (data.issues.length < limit) {
break; // No more results
}
offset += limit;
}
return issues;
}
Filtering Examples
Critical Issues Only
GET /v1/issues?severity=critical&status=open
By Repository
GET /v1/issues?codebaseId=codebase_abc123
By Category
GET /v1/issues?category=sqli
Multiple Filters
GET /v1/issues?severity=high&category=xss&status=open
Webhooks (Coming Soon)
Subscribe to issue events:
- New issue detected
- Issue status changed
- Scan completed
Contact support to join the beta.
Related Pages
API Authentication
Authentication setup
Scanning API
Trigger scans
Issues Dashboard
Web interface
Security Categories
Issue categories
