Polaris API Introduction

Introduction

Polaris APIs offer the best way to retrieve issue information from automated tests.

Tip: Although APIs offer a way to do everything that Polaris can do, you might choose the Bridge CLI to add tests to your pipelines.

After tests run, APIs can help with the following:

  • Retrieve the latest issue data by specifying a test, a project, or an application.
  • Filter for relevant results. For example, high severity or OWASP Top 10 issues.
  • Retrieve a complete list of issues, a count of issues, or a count of certain kinds of issues.
  • Triage issues or assign them to developers.
  • Create an Azure DevOps or Jira ticket for a Polaris issue.

To begin using Polaris APIs try the API Quickstart.

Polaris API services

Polaris has APIs to perform all the tasks in the following table. The API name column contains links to the reference docs for each API. From there, you can learn more about the API, explore the interactive API reference docs, and download the Open API specification (OAS) in YAML format.

Table 1. Polaris APIs and their functions
API name Description
Audit Retrieves detailed information about actions and events in Polaris. Audit records are discarded after 7 days.
Identity and Access Management Provides authentication and authorization for all public APIs of the Polaris Platform.
Bug Tracking Integration Creates tickets in Azure DevOps or Jira for issues you export from Polaris.
Notification Manage your organization's notification settings (including notification settings for users).
Findings Provides lists and counts of issues and issue families.
Policies

Use this service to create issue policies, component policies, and test scheduling policies.

Use issue policies to automate actions when issues with specific properties are detected in a test (including setting fix-by dates, if necessary). Actions include:

  • Sending email notifications
  • Breaking a build
  • Creating a ticket in Azure DevOps or Jira

Use component policies to automate actions when components with specific properties are detected in a SCA test. Actions include:

  • Sending email notifications
  • Breaking a build

Use test scheduling policies to automate tests of SCM-integrated branches on a weekly or daily basis.
Portfolio Manages portfolios, portfolio items (applications), and portfolio sub-items (projects).
Reports Generates, lists, and downloads reports.
Repos Integration Manages scans in repositories, including GitHub and GitLab.
Tests Creates and updates tests. Retrieves artifacts related to tests.
Tools Handles retrieval of command line tools and tool-related information. Use this service to download Bridge CLI, the Polaris command line interface.