Skip to main content

Summary Report REST API

You can use the Summary Report API to get a summary report of the overall security quality of your application without sharing the details of the discovered findings.

You can use the Findings API to get more detailed findings information, such as the list of findings, their location, and remediation guidance.

Permissions and authentication

Before you can use this API, you must have one of these accounts with the required roles:

  • An API service account with the Results API role.
  • A user account with the Reviewer or Security Lead role.

This API uses API ID/key credentials and HMAC authentication to provide improved security. Before you can send requests, you must complete these configurations:

Ensure you access the APIs with the domain for your region.

Summary Report API specification

The Summary Report API specification is available from SwaggerHub.


The scan type field in past results from this API may contain values for deprecated Dynamic Analysis products. All new scans return a DynamicScanType type of DA.