Skip to main content
PATCH
Close a finding (mark fixed or dismiss as not an issue)

Headers

Authorization
string | null

Bearer token with API key

Path Parameters

finding_id
string
required

Body

application/json

Request body to close a finding via the external API.

Deliberately stricter than the dashboard's :class:FindingStatusUpdateRequest: a category and an explanation are mandatory for every close, so an API-driven close is always well-formed and carries the rationale we record as the fix (fixed) or feed back to the attacker (dismissed).

  • status is limited to the two close actions.
  • explanation is always required (non-empty after trimming). It maps to fix_description when fixed and to dismissed_reason_text when dismissed.
  • reason_code is the dismissal category, typed as the :data:DismissalReasonCode literal so the allowed values are published in the schema and membership is enforced automatically. It is required when status is dismissed and unused otherwise.
status
enum<string>
required

Close action: 'fixed' (resolved) or 'dismissed' (not an issue).

Available options:
fixed,
dismissed
explanation
string
required

Why the finding is being closed. Required for every close: recorded as the fix description when 'fixed' and as the dismissal rationale when 'dismissed'. Maximum 2 000 characters.

Required string length: 1 - 2000
reason_code
enum<string> | null

Dismissal category. Required when status is 'dismissed'; ignored otherwise. Allowed values: data_is_public, authenticated_users_only, working_as_designed, mitigated_elsewhere, accepted_risk, false_positive, other.

Available options:
data_is_public,
authenticated_users_only,
working_as_designed,
mitigated_elsewhere,
accepted_risk,
false_positive,
other

Response

Successful Response

One finding in the external API response.

severity is typed as the canonical FindingSeverity enum so OpenAPI publishes the allowed values and JSON output is always lowercase. attacks carries the per-probe replay artefacts; the finding row carries only the technique-level narrative shared across every attack under it.

finding_id
string
required
lens
enum<string>
required

Taxonomy partition a Finding (or test suite) is scoped to.

Each lens is a top-level taxonomy bucket prefix. security and safety are the v1 lenses; quality and policy are reserved for future expansion. The lens drives:

  • Discriminator on the persisted Finding (security vs safety subtypes).
  • Security-scope enforcement at ingest (security-lens runs may only emit security.* categories).
  • Per-lens system prompts at the generator and retest layers.
Available options:
security,
safety,
quality,
policy
category
string
required
severity
enum<string>
required

Business-impact severity levels, ordered from most to least severe.

Available options:
critical,
high,
medium,
low
description
string
required
expected_behavior
string
required
status
string
required
created_at
string
required
attacks
ApiAttackItem · object[]
required