"openapi: 3.0.1\ninfo:\n title: Reports\n description: >\n **Note:** Media type names used in Polaris APIs were renamed and no longer include “synopsys”. Although media types that include “synopsys” were removed from the API specifications, existing\n endpoints will continue to support them until `September 6, 2025`. Please update your scripts to use the new media types.\n\n\n Use the Report Service to create, manage, and download reports. The following reports are supported:\n\n\n * Developer detail SCA\n\n * Developer detail Static\n\n * Executive summary\n\n * Issue overview\n\n * Issue summary\n\n * Security audit\n\n * Software bill of materials (SBOM)\n\n * Standard compliance\n\n * Standard compliance detail\n\n * Test summary\n\n\n **Note:** Find descriptions of different reports in the Polaris user documentation, here: [Create a\n report](https://polaris.synopsys.com/developer/default/polaris-documentation/t_how-to-create-report).\n\n\n To download a preexisting report: \n\n\n 1. Retrieve a list of reports using <code>GET /reports</code>.\n\n 2. Download the report using <code>GET /reports/{reportId}/download</code> (with the completed report's `id`).\n\n\n **Base path change and deprecation notice**\n\n\n The base path for the Report service is changing (from `/api/report-service` to `/api/insights`). The `/api/report-service/` base path will continue to function until `Sat, 6 Sep 2025 23:59:59\n GMT`.\n\n\n Additionally, several endpoints are being deprecated. Endpoints that are being deprecated include additional properties in response headers:\n\n\n ```\n\n \"Deprecation\": \"Fri, 6 June 2025 23:59:59 GMT\",\n\n \"Link\": \"New version of API link; rel=\\\"alternate\\\"\",\n\n \"Sunset\": \"Sat, 6 Sep 2025 23:59:59 GMT\"\n\n ```\n\n\n * `Deprecation`: The date and time when a resource will be deprecated. After this date, the resource may be removed from future versions of the API.\n\n * `Link`: A link to a supported endpoint that replicates the functionality of a deprecated one.\n\n * `Sunset`: The date and time when a resource will be removed, and no longer be available.\n contact:\n name: Black Duck, Inc.\n url: https://polaris.blackduck.com/\n version: 1.0.0\n x-logo:\n icon: fa-file-chart-pie\n primary: null\n secondary: null\nservers:\n - url: /api/insights\ntags:\n - name: Reports\n description: Create, List, and Download reports.\n - name: Configurations\n description: Create, List and Delete Report Configurations.\nsecurity:\n - ApiKeyAuth: []\npaths:\n /reports/report-types:\n get:\n operationId: getReportTypes\n tags:\n - Reports\n summary: |\n Get supported report types\n description: |\n Retrieves list of supportred report types.\n parameters:\n - name: _offset\n in: query\n description: >\n Returns results, starting from the specified position within the response. For example, if the offset is set to 5, then the first 5 records are skipped and the 6th record is the first\n record returned. Default value is 0. If the offset is beyond the range of the collection, no results are returned.\n schema:\n type: integer\n format: int32\n example: 0\n - name: _limit\n in: query\n description: >\n Restricts the number of results to the specified limit. The default is 25 and maximum limit allowed is 100. If a limit greater than 100 is provided, the response will be \"HTTP 400 Bad\n Request.\"\n schema:\n type: integer\n format: int32\n example: 10\n responses:\n '200':\n description: Success.\n content:\n application/vnd.report-service.report-types-2+json:\n schema:\n allOf:\n - type: object\n - properties:\n _items:\n type: object\n properties:\n reportType:\n type: string\n description: Type of the report.\n description:\n type: string\n description: Report Type description.\n example:\n reportType: issues-report\n description: Polaris Issue Summary Report\n _links:\n type: array\n items:\n description: An array of links that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: first\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: next\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: prev\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: last\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: self\n method: GET\n _collections:\n type: object\n required:\n - itemCount\n - currentPage\n - pageCount\n properties:\n itemCount:\n type: integer\n format: int32\n currentPage:\n type: integer\n default: 0\n pageCount:\n type: integer\n default: 25\n example:\n itemCount: 1\n currentPage: 1\n pageCount: 1\n '400':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Limit value must not be less than 0 and cannot be more than 100\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user\n errors:\n - detail: User doesn't have authorization to access this resource.\n '404':\n description: Not Found.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 404\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: No report types are available.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: No report types are available.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\n /reports/{reportType}/generate:\n post:\n operationId: generateReport\n tags:\n - Reports\n summary: Generate reports (PDF)\n description: |\n Generates the type of PDF report requested. \n\n **Note:** Get a list of `reportType` values with the `GET /reports/report-types` endpoint.\n parameters:\n - name: reportType\n in: path\n required: true\n description: >-\n Type of the report. The report types supported are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`.\n schema:\n type: string\n requestBody:\n description: Contains the application ID for which the report should be generated, along with issue severities, and tools.\n content:\n application/vnd.report-service.report-2+json:\n schema:\n required:\n - applications\n - severities\n - tools\n type: object\n properties:\n name:\n type: string\n description: >\n Report name specified by the user. Defaults to Report Type_<createddate, YYYYMMDD> (for example, Polaris Issue Summary Report_20240101). Report name length should not exceed more\n than 256 characters.\n example: Polaris Issue Summary Report\n format:\n type: string\n description: |\n Type of the report. Supported formats is pdf.\n example: pdf\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25),\n `ty-5` (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n timePeriod:\n type: string\n description: |\n Time period used for generating the report. Values can be `all-time` (Default), `last-30-days` (Last 30 Days), `last-60-days` (Last 60 Days) or `last-90-days` (Last 90 Days).\n example: all-time\n application/vnd.report-service.report-1+json:\n schema:\n required:\n - applications\n - severities\n - tools\n type: object\n properties:\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25),\n `ty-5` (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n required: true\n responses:\n '200':\n description: Success.\n headers:\n DeprecationHeader:\n description: Indicates that the resource is deprecated and may be removed in the future version of the APIs. <br /> It is way to inform clients that they should migrate to alternative resources.\n schema:\n type: string\n example: Fri, 6 June 2025 23:59:59 GMT\n LinkHeader:\n description: Provide link to alternative/related resource after the resource has been sunset.\n schema:\n type: string\n example: New version of API link; rel=\"alternate\"\n SunsetHeader:\n description: Specifies the date and time after which the resource will no longer be available.\n schema:\n type: string\n example: Sat, 6 Sep 2025 23:59:59 GMT\n content:\n application/vnd.report-service.report-2+json:\n schema:\n allOf:\n - type: object\n - properties:\n id:\n type: string\n format: uuid\n description: The report's ID.\n name:\n type: string\n description: Name of the report.\n reportType:\n type: string\n description: >-\n Type of the report. Available report types are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`, `spdx` and `cyclonedx`.\n reportTypeDescription:\n type: string\n description: Report type description of the report.\n startDate:\n type: string\n description: Date and time when the report generation started.\n completedDate:\n type: string\n description: SpecifyDate and time when the report generation completed.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report.\n configuration:\n type: string\n description: Report configurations used to generate the report in `json` format. It includes applications, projects, severities, tools and standards selected before report generation.\n configurationId:\n type: string\n description: The report configuration ID used to generate the report.\n format:\n type: string\n description: Report file format. Available formats are `pdf` and `json`.\n status:\n type: string\n description: Report Status. Available statuses are `INITIATED`, `IN_PROGRESS`, `COMPLETED` and `FAILED`.\n failureReason:\n type: string\n description: An error message to explain why the report generation failed.\n fileSize:\n type: string\n description: Report file size in bytes.\n message:\n type: string\n description: Message to indicate whether report generation is completed or failed.\n _links:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n application/vnd.report-service.report-1+json:\n schema:\n allOf:\n - type: object\n - type: object\n properties:\n object:\n type: string\n description: |\n Message to indicate the request is accepted and Polaris is generating the report.\n example: Your report is generating. You will be notified by email when it is ready.\n '400':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:missing-or-invalid-body\n title: Empty or Invalid Request Body\n detail: Request body either not found or having invalid format.\n locationId: 12345678\n remediation: Please provide a valid request body\n errors:\n - detail: Request body either not found or having invalid format.\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user.\n errors:\n - detail: User doesn't have authorization to access this resource.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\n deprecated: true\n /reports/{reportType}/export:\n post:\n operationId: exportReport\n tags:\n - Reports\n summary: Exports the SPDX or CycloneDX-compatible SBOM report (JSON)\n description: |\n Export the type of report requested. The report types currently available are `spdx` or `cyclonedx`.\n parameters:\n - name: reportType\n in: path\n required: true\n description: Type of the report. The report types currently available are `spdx` or `cyclonedx`.\n schema:\n type: string\n requestBody:\n description: Contains the project ID for which the report should be generated.\n content:\n application/vnd.report-service.sbom-2+json:\n schema:\n required:\n - applications\n type: object\n properties:\n name:\n type: string\n description: >\n Report name specified by the user. Defaults to Report Type_<createddate, YYYYMMDD> (for example, Polaris Issue Summary Report_20240101). Report name length should not exceed more\n than 256 characters.\n example: SBOM Report\n format:\n type: string\n description: |\n Type of the report. Supported formats is json.\n example: json\n applications:\n type: array\n description: |\n Specify the project to include in the report.\n items:\n type: object\n description: |\n An individual application containing `projects`.\n required:\n - projects\n properties:\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the ID of a project to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n application/vnd.report-service.sbom-1+json:\n schema:\n required:\n - applications\n type: object\n properties:\n applications:\n type: array\n description: |\n Specify the project to include in the report.\n items:\n type: object\n description: |\n An individual application containing `projects`.\n required:\n - projects\n properties:\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the ID of a project to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n required: true\n responses:\n '200':\n description: Success.\n headers:\n DeprecationHeader:\n description: Indicates that the resource is deprecated and may be removed in the future version of the APIs. <br /> It is way to inform clients that they should migrate to alternative resources.\n schema:\n type: string\n example: Fri, 6 June 2025 23:59:59 GMT\n LinkHeader:\n description: Provide link to alternative/related resource after the resource has been sunset.\n schema:\n type: string\n example: New version of API link; rel=\"alternate\"\n SunsetHeader:\n description: Specifies the date and time after which the resource will no longer be available.\n schema:\n type: string\n example: Sat, 6 Sep 2025 23:59:59 GMT\n content:\n application/vnd.report-service.sbom-2+json:\n schema:\n allOf:\n - type: object\n - properties:\n id:\n type: string\n format: uuid\n description: The report's ID.\n name:\n type: string\n description: Name of the report.\n reportType:\n type: string\n description: >-\n Type of the report. Available report types are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`, `spdx` and `cyclonedx`.\n reportTypeDescription:\n type: string\n description: Report type description of the report.\n startDate:\n type: string\n description: Date and time when the report generation started.\n completedDate:\n type: string\n description: SpecifyDate and time when the report generation completed.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report.\n configuration:\n type: string\n description: Report configurations used to generate the report in `json` format. It includes applications, projects, severities, tools and standards selected before report generation.\n configurationId:\n type: string\n description: The report configuration ID used to generate the report.\n format:\n type: string\n description: Report file format. Available formats are `pdf` and `json`.\n status:\n type: string\n description: Report Status. Available statuses are `INITIATED`, `IN_PROGRESS`, `COMPLETED` and `FAILED`.\n failureReason:\n type: string\n description: An error message to explain why the report generation failed.\n fileSize:\n type: string\n description: Report file size in bytes.\n message:\n type: string\n description: Message to indicate whether report generation is completed or failed.\n _links:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n application/vnd.report-service.sbom-1+json:\n schema:\n allOf:\n - type: object\n - type: object\n properties:\n object:\n type: string\n description: |\n Message to indicate the request is accepted and Polaris is generating the report.\n example: Your report is generating. You will be notified by email when it is ready.\n '400':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:missing-or-invalid-body\n title: Empty or Invalid Request Body\n detail: Request body either not found or having invalid format.\n locationId: 12345678\n remediation: Please provide a valid request body\n errors:\n - detail: Request body either not found or having invalid format.\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation.\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user.\n errors:\n - detail: User doesn't have authorization to access this resource.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\n deprecated: true\n /reports/{reportType}/_actions/run:\n post:\n operationId: runReport\n tags:\n - Reports\n summary: |\n Run Report\n description: |\n Create new report with new report configuration.\n\n **Note:** Get a list of `reportType` values with the `GET /reports/report-types` endpoint.\n parameters:\n - name: reportType\n in: path\n required: true\n description: >-\n Type of the report. The report types supported are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`, `spdx`, `cyclonedx`.\n schema:\n type: string\n requestBody:\n description: Contains the application ID for which the report should be generated, along with issue severities, tools, and standard.\n content:\n application/vnd.polaris.insights.reports-1+json:\n schema:\n required:\n - name\n - applications\n - severities\n - tools\n type: object\n properties:\n name:\n type: string\n description: >\n Report configuration name specified by the user. Report configuration name length should not exceed more than 256 characters. The reports generated using the report configurations,\n will have same name as report configurations name.\n example: Report configuration Name\n appendDate:\n type: boolean\n description: |\n If true, the report name will be appended with the current date when the report is generated using the configuration.\n example: true\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report configuration.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25),\n `ty-5` (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n required: true\n responses:\n '200':\n description: Success.\n content:\n application/vnd.polaris.insights.reports-1+json:\n schema:\n allOf:\n - type: object\n - properties:\n id:\n type: string\n format: uuid\n description: The report's ID.\n name:\n type: string\n description: Name of the report.\n reportType:\n type: string\n description: >-\n Type of the report. Available report types are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`, `spdx` and `cyclonedx`.\n reportTypeDescription:\n type: string\n description: Report type description of the report.\n startDate:\n type: string\n description: Date and time when the report generation started.\n completedDate:\n type: string\n description: SpecifyDate and time when the report generation completed.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report.\n configuration:\n type: string\n description: Report configurations used to generate the report in `json` format. It includes applications, projects, severities, tools and standards selected before report generation.\n configurationId:\n type: string\n description: The report configuration ID used to generate the report.\n format:\n type: string\n description: Report file format. Available formats are `pdf` and `json`.\n status:\n type: string\n description: Report Status. Available statuses are `INITIATED`, `IN_PROGRESS`, `COMPLETED` and `FAILED`.\n failureReason:\n type: string\n description: An error message to explain why the report generation failed.\n fileSize:\n type: string\n description: Report file size in bytes.\n message:\n type: string\n description: Message to indicate whether report generation is completed or failed.\n _links:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n '400':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:missing-or-invalid-body\n title: Empty or Invalid Request Body\n detail: Request body either not found or having invalid format.\n locationId: 12345678\n remediation: Please provide a valid request body\n errors:\n - detail: Request body either not found or having invalid format.\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user.\n errors:\n - detail: User doesn't have authorization to access this resource.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n /reports/configurations/{configurationId}/_actions/run:\n post:\n operationId: runReportConfiguration\n tags:\n - Reports\n summary: |\n Run Report Configuration\n description: |\n Generate a new report using the existing report configuration.\n parameters:\n - name: configurationId\n in: path\n required: true\n description: The unique report configuration identifier.\n schema:\n type: string\n responses:\n '200':\n description: Success.\n content:\n application/vnd.polaris.insights.reports-1+json:\n schema:\n allOf:\n - type: object\n - properties:\n id:\n type: string\n format: uuid\n description: The report's ID.\n name:\n type: string\n description: Name of the report.\n reportType:\n type: string\n description: >-\n Type of the report. Available report types are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`, `spdx` and `cyclonedx`.\n reportTypeDescription:\n type: string\n description: Report type description of the report.\n startDate:\n type: string\n description: Date and time when the report generation started.\n completedDate:\n type: string\n description: SpecifyDate and time when the report generation completed.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report.\n configuration:\n type: string\n description: Report configurations used to generate the report in `json` format. It includes applications, projects, severities, tools and standards selected before report generation.\n configurationId:\n type: string\n description: The report configuration ID used to generate the report.\n format:\n type: string\n description: Report file format. Available formats are `pdf` and `json`.\n status:\n type: string\n description: Report Status. Available statuses are `INITIATED`, `IN_PROGRESS`, `COMPLETED` and `FAILED`.\n failureReason:\n type: string\n description: An error message to explain why the report generation failed.\n fileSize:\n type: string\n description: Report file size in bytes.\n message:\n type: string\n description: Message to indicate whether report generation is completed or failed.\n _links:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n '400':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:missing-or-invalid-body\n title: Empty or Invalid Request Body\n detail: Request body either not found or having invalid format.\n locationId: 12345678\n remediation: Please provide a valid request body\n errors:\n - detail: Request body either not found or having invalid format.\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user.\n errors:\n - detail: User doesn't have authorization to access this resource.\n '404':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: Unable to process your request.\n locationId: 12345678\n remediation: Please send the valid request to perform this operation.\n errors:\n detail: No configurations are available with configurationId 0294c2b8-1a64-41ae-a585-f3e17b25813e.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example: null\n /reports:\n get:\n operationId: getReports\n tags:\n - Reports\n summary: |\n List all reports\n description: |\n Gets all reports matching the filtering criteria.\n parameters:\n - name: _filter\n in: query\n description: |\n A filter string that further limits the results returned, expressed in [RSQL syntax](https://github.com/jirutka/rsql-parser)\n format.\n\n Please see the filtering syntax documentation in this specification for further details on how to express an issue filter.\n example: name=='demo'\n schema:\n type: string\n format: rsql\n - name: _sort\n in: query\n explode: false\n description: |\n Sort results by a given ordering. If this is not provided, a reasonable default will be used so that pagination\n works consistently.\n\n Sorting should follow the following syntax: {field_name}|{asc|desc}[,{field_name}|{asc|desc}[,...]]\n schema:\n type: array\n items:\n type: string\n description: |\n The field name to sort, and then the ordering direction (\"asc\" or \"desc\"), joined by a pipe character\n (`|`).\n example: field_name|asc\n - name: _offset\n in: query\n description: >\n Returns results, starting from the specified position within the response. For example, if the offset is set to 5, then the first 5 records are skipped and the 6th record is the first\n record returned. Default value is 0. If the offset is beyond the range of the collection, no results are returned.\n schema:\n type: integer\n format: int32\n example: 0\n - name: _limit\n in: query\n description: >\n Restricts the number of results to the specified limit. The default is 25 and maximum limit allowed is 100. If a limit greater than 100 is provided, the response will be \"HTTP 400 Bad\n Request.\"\n schema:\n type: integer\n format: int32\n example: 10\n responses:\n '200':\n description: Success.\n content:\n application/vnd.report-service.records-1+json:\n schema:\n type: object\n required:\n - _items\n - _links\n - _collection\n properties:\n _items:\n type: array\n items:\n type: object\n required:\n - id\n - name\n - reportType\n properties:\n id:\n type: string\n format: uuid\n description: The report's ID.\n name:\n type: string\n description: The report's name.\n configurationId:\n type: string\n format: uuid\n description: The report configuration ID used to generate the report.x\n reportType:\n type: string\n description: >-\n The type of report (`issues-report`, `standard-compliance`,`security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`, `developer-detail-sca`,\n `standard-compliance-detail`, `spdx` or `cyclonedx`).\n startDate:\n type: string\n description: The date and time when report generation started.\n completedDate:\n type: string\n description: The date and time when report generation completed.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report.\n configuration:\n type: string\n description: A json-formatted string that includes the applications, projects, severities, tools, and standards used to generate the report.\n format:\n type: string\n description: The report's file format (`pdf` or `json`).\n status:\n type: string\n description: The report's status (`INITIATED`, `IN_PROGRESS`, `COMPLETED`, or `FAILED`).\n failureReason:\n type: string\n description: For failed reports, an error message that explains why report generation failed.\n fileSize:\n type: string\n description: The report's file size in bytes.\n message:\n type: string\n description: A message that indicates report generation is in progress, or report generation successful, or summarizes why it failed.\n description: An array of report details.\n _links:\n type: array\n items:\n description: An array of links that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: first\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: next\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: prev\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: last\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: self\n method: GET\n _collection:\n type: object\n required:\n - itemCount\n - currentPage\n - pageCount\n properties:\n itemCount:\n type: integer\n format: int32\n currentPage:\n type: integer\n default: 0\n pageCount:\n type: integer\n default: 25\n example:\n itemCount: 1\n currentPage: 1\n pageCount: 1\n '400':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: 'Please provide valid sort param, example: name|asc or name|desc.'\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user\n errors:\n - detail: User doesn't have authorization to access this resource.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\n /reports/{reportId}/download:\n get:\n operationId: downloadReport\n tags:\n - Reports\n summary: |\n Downloads the report.\n description: |\n Downloads the report associated with the specified ID.\n parameters:\n - name: reportId\n in: path\n required: true\n description: The unique report identifier.\n schema:\n type: string\n responses:\n '200':\n description: Success.\n headers:\n DeprecationHeader:\n description: Indicates that the resource is deprecated and may be removed in the future version of the APIs. <br /> It is way to inform clients that they should migrate to alternative resources.\n schema:\n type: string\n example: Fri, 6 June 2025 23:59:59 GMT\n LinkHeader:\n description: Provide link to alternative/related resource after the resource has been sunset.\n schema:\n type: string\n example: New version of API link; rel=\"alternate\"\n SunsetHeader:\n description: Specifies the date and time after which the resource will no longer be available.\n schema:\n type: string\n example: Sat, 6 Sep 2025 23:59:59 GMT\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user\n errors:\n - detail: User doesn't have authorization to access this resource.\n '404':\n description: Not Found\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 404\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: No reports are available with reportId 50dc86d0-649f-4a10-ac4e-ca327943b14a.\n locationId: 12345678\n remediation: Please provide valid reportId.\n errors:\n - detail: No reports are available with reportId 50dc86d0-649f-4a10-ac4e-ca327943b14a.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\n deprecated: true\n /reports/{reportId}/_actions/download:\n get:\n operationId: downloadReportTaxonomyApi\n tags:\n - Reports\n summary: |\n Downloads the report.\n description: |\n Downloads the report associated with the specified ID.\n parameters:\n - name: reportId\n in: path\n required: true\n description: The unique report identifier.\n schema:\n type: string\n responses:\n '200':\n description: Success.\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user\n errors:\n - detail: User doesn't have authorization to access this resource.\n '404':\n description: Not Found\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 404\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: No reports are available with reportId 50dc86d0-649f-4a10-ac4e-ca327943b14a.\n locationId: 12345678\n remediation: Please provide valid reportId.\n errors:\n - detail: No reports are available with reportId 50dc86d0-649f-4a10-ac4e-ca327943b14a.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\n /reports/{reportId}:\n get:\n operationId: getReportById\n tags:\n - Reports\n summary: |\n Find report details by ID\n description: |\n Retrieves Report details by report ID for the specified organization.\n parameters:\n - name: reportId\n in: path\n required: true\n description: The unique report identifier.\n schema:\n type: string\n responses:\n '200':\n description: Success.\n content:\n application/vnd.report-service.record-1+json:\n schema:\n properties:\n id:\n type: string\n format: uuid\n description: The report's ID.\n name:\n type: string\n description: Name of the report.\n reportType:\n type: string\n description: >-\n Type of the report. Available report types are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`, `spdx` and `cyclonedx`.\n reportTypeDescription:\n type: string\n description: Report type description of the report.\n startDate:\n type: string\n description: Date and time when the report generation started.\n completedDate:\n type: string\n description: SpecifyDate and time when the report generation completed.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report.\n configuration:\n type: string\n description: Report configurations used to generate the report in `json` format. It includes applications, projects, severities, tools and standards selected before report generation.\n configurationId:\n type: string\n description: The report configuration ID used to generate the report.\n format:\n type: string\n description: Report file format. Available formats are `pdf` and `json`.\n status:\n type: string\n description: Report Status. Available statuses are `INITIATED`, `IN_PROGRESS`, `COMPLETED` and `FAILED`.\n failureReason:\n type: string\n description: An error message to explain why the report generation failed.\n fileSize:\n type: string\n description: Report file size in bytes.\n message:\n type: string\n description: Message to indicate whether report generation is completed or failed.\n _links:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n '400':\n description: Bad request\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: Please provide valid report ID.\n locationId: 12345678\n remediation: Please send the valid request to perform this operation.\n errors:\n - detail: Please provide valid report ID.\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user.\n errors:\n - detail: User doesn't have authorization to access this resource.\n '404':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 404\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: Unable to process your request.\n locationId: 12345678\n remediation: Please send the valid request to perform this operation.\n errors:\n detail: No reports are available with reportId 0294c2b8-1a64-41ae-a585-f3e17b25813e.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\n delete:\n operationId: deleteReportById\n tags:\n - Reports\n summary: |\n Delete Report By ID\n description: |\n Deletes report details for specified report ID for specified organization.\n parameters:\n - name: reportId\n in: path\n required: true\n description: The unique report identifier.\n schema:\n type: string\n responses:\n '204':\n description: Success.\n '400':\n description: Bad request\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: Please provide valid report ID.\n locationId: 12345678\n remediation: Please send the valid request to perform this operation.\n errors:\n - detail: Please provide valid report ID\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user.\n errors:\n - detail: User doesn't have authorization to access this resource.\n '404':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: Unable to process your request.\n locationId: 12345678\n remediation: Please send the valid request to perform this operation.\n errors:\n detail: No reports are available with reportId 0294c2b8-1a64-41ae-a585-f3e17b25813e.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\n /configurations:\n post:\n operationId: createReportConfiguration\n tags:\n - Configurations\n summary: |\n Create Report Configuration\n description: |\n Creates a new report configuration.\n requestBody:\n description: Contains the application ID and project IDs for which the report configuration should be generated, along with issue severities, tools, and standard.\n content:\n application/vnd.polaris.insights.configurations-1+json:\n schema:\n required:\n - name\n - applications\n - severities\n - tools\n type: object\n properties:\n name:\n type: string\n description: >\n Report configuration name specified by the user. Report configuration name length should not exceed more than 256 characters. The reports generated using the report configurations,\n will have same name as report configurations name.\n example: Report configuration Name\n appendDate:\n type: boolean\n description: |\n If true, the report name will be appended with the current date when the report is generated using the configuration.\n example: true\n reportType:\n type: string\n description: >\n Type of the report. The report types supported are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`.\n example: issues-report\n timePeriod:\n type: string\n description: |\n Time period used for generating the report. Values can be `all-time` (Default), `last-30-days` (Last 30 Days), `last-60-days` (Last 60 Days) or `last-90-days` (Last 90 Days).\n example: all-time\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report configuration.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25),\n `ty-5` (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n required: true\n responses:\n '200':\n description: Success.\n content:\n application/vnd.polaris.insights.configurations-1+json:\n schema:\n allOf:\n - type: object\n - type: object\n properties:\n id:\n type: string\n format: uuid\n description: The report configuration's ID.\n name:\n type: string\n description: The report's name.\n reportType:\n type: string\n description: >-\n The type of report (`issues-report`, `standard-compliance`,`security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`, `developer-detail-sca`,\n `standard-compliance-detail`, `spdx` or `cyclonedx`).\n appendDate:\n type: boolean\n description: The flag value which will decide whether to append date to report name or not.\n projectsCount:\n type: number\n description: The number of projects used in the report configuration.\n lastAccessedAt:\n type: string\n description: The date and time when the report configuration was last accessed.\n createdAt:\n type: string\n description: The date and time when the report configuration was created.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report configuration.\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top\n 25), `ty-5` (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n timePeriod:\n type: string\n description: |\n Time period used for generating the report. Values can be `all-time` (Default), `last-30-days` (Last 30 Days), `last-60-days` (Last 60 Days) or `last-90-days` (Last 90 Days).\n example: all-time\n unauthorized_applications:\n type: string\n description: |\n The list of applications for which the user not having permissions in the scope of the configuration.\n warning:\n type: string\n description: |\n The warning message for the user not having permissions for 1 or more applications in the scope of the configuration.\n _links:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/configurations/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n example:\n id: f6b4944e-87ce-11ec-a8a3-0242ac120002\n name: Report Name\n reportType: issues-report\n appendDate: true\n projectsCount: 2\n lastAccessedAt: '2024-06-13T12:56:31.419684Z'\n createdAt: '2024-06-13T12:56:31.419684Z'\n createdBy: a87e0ade-504e-41de-888f-5b8de83b6eb4\n applications:\n - id: ed3697b3-82ec-45ba-96f6-eece4633e65c\n projects:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n severities:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n - dast_polaris\n - static_polaris\n - sca_package\n - sca_signature\n standard: ty-2\n _links:\n - href: https://example.com/configurations/f6b4944e-87ce-11ec-a8a3-0242ac120002\n rel: self\n method: GET\n '400':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:missing-or-invalid-body\n title: Empty or Invalid Request Body\n detail: Request body either not found or having invalid format.\n locationId: 12345678\n remediation: Please provide a valid request body\n errors:\n - detail: Request body either not found or having invalid format.\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user.\n errors:\n - detail: User doesn't have authorization to access this resource.\n '409':\n description: Conflict - Report Configuration name already exists.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n type: urn:x-report-service:report-configuration-name-conflict\n title: Report Configuration Name Exists\n status: 409\n detail: Report Configuration name must be unique for a user in an organization.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\n get:\n operationId: getReportConfigurations\n tags:\n - Configurations\n summary: |\n List all report configurations\n description: |\n Gets all reports configurations matching the filtering criteria.\n parameters:\n - name: _filter\n in: query\n description: |\n A filter string that further limits the results returned, expressed in [RSQL syntax](https://github.com/jirutka/rsql-parser)\n format.\n\n Please see the filtering syntax documentation in this specification for further details on how to express an issue filter.\n example: name=='demo'\n schema:\n type: string\n format: rsql\n - name: _sort\n in: query\n explode: false\n description: |\n Sort results by a given ordering. If this is not provided, a reasonable default will be used so that pagination\n works consistently.\n\n Sorting should follow the following syntax: {field_name}|{asc|desc}[,{field_name}|{asc|desc}[,...]]\n schema:\n type: array\n items:\n type: string\n description: |\n The field name to sort, and then the ordering direction (\"asc\" or \"desc\"), joined by a pipe character\n (`|`).\n example: field_name|asc\n - name: _offset\n in: query\n description: >\n Returns results, starting from the specified position within the response. For example, if the offset is set to 5, then the first 5 records are skipped and the 6th record is the first\n record returned. Default value is 0. If the offset is beyond the range of the collection, no results are returned.\n schema:\n type: integer\n format: int32\n example: 0\n - name: _limit\n in: query\n description: >\n Restricts the number of results to the specified limit. The default is 25 and maximum limit allowed is 100. If a limit greater than 100 is provided, the response will be \"HTTP 400 Bad\n Request.\"\n schema:\n type: integer\n format: int32\n example: 10\n responses:\n '200':\n description: Success.\n content:\n application/vnd.polaris.insights.configurations-1+json:\n schema:\n allOf:\n - type: object\n - allOf:\n - type: object\n properties:\n _items:\n type: array\n items:\n type: object\n properties:\n id:\n type: string\n format: uuid\n description: The report configuration's ID.\n name:\n type: string\n description: The report's name.\n reportType:\n type: string\n description: >-\n The type of report (`issues-report`, `standard-compliance`,`security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`, `developer-detail-sca`,\n `standard-compliance-detail`, `spdx` or `cyclonedx`).\n appendDate:\n type: boolean\n description: The flag value which will decide whether to append date to report name or not.\n projectsCount:\n type: number\n description: The number of projects used in the report configuration.\n lastAccessedAt:\n type: string\n description: The date and time when the report configuration was last accessed.\n createdAt:\n type: string\n description: The date and time when the report configuration was created.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report configuration.\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021\n CWE Top 25), `ty-5` (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n timePeriod:\n type: string\n description: >\n Time period used for generating the report. Values can be `all-time` (Default), `last-30-days` (Last 30 Days), `last-60-days` (Last 60 Days) or `last-90-days` (Last\n 90 Days).\n example: all-time\n unauthorized_applications:\n type: string\n description: |\n The list of applications for which the user not having permissions in the scope of the configuration.\n warning:\n type: string\n description: |\n The warning message for the user not having permissions for 1 or more applications in the scope of the configuration.\n _links:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/configurations/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n example:\n id: f6b4944e-87ce-11ec-a8a3-0242ac120002\n name: Report Name\n reportType: issues-report\n appendDate: true\n projectsCount: 2\n lastAccessedAt: '2024-06-13T12:56:31.419684Z'\n createdAt: '2024-06-13T12:56:31.419684Z'\n createdBy: a87e0ade-504e-41de-888f-5b8de83b6eb4\n applications:\n - id: ed3697b3-82ec-45ba-96f6-eece4633e65c\n projects:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n severities:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n - dast_polaris\n - static_polaris\n - sca_package\n - sca_signature\n standard: ty-2\n _links:\n - href: https://example.com/configurations/f6b4944e-87ce-11ec-a8a3-0242ac120002\n rel: self\n method: GET\n _links:\n type: array\n items:\n description: An array of links that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: first\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: next\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: prev\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: last\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: self\n method: GET\n _collections:\n type: object\n required:\n - itemCount\n - currentPage\n - pageCount\n properties:\n itemCount:\n type: integer\n format: int32\n currentPage:\n type: integer\n default: 0\n pageCount:\n type: integer\n default: 25\n example:\n itemCount: 1\n currentPage: 1\n pageCount: 1\n '400':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: 'Please provide valid sort param, example: name|asc or name|desc.'\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user\n errors:\n - detail: User doesn't have authorization to access this resource.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\n /configurations/{configurationId}:\n get:\n operationId: getReportConfigurationById\n tags:\n - Configurations\n summary: |\n Find report configuration by ID\n description: |\n Retrieves Report configuration details by configuration ID for the specified organization.\n parameters:\n - name: configurationId\n in: path\n required: true\n description: The unique report configuration identifier.\n schema:\n type: string\n responses:\n '200':\n description: Success.\n content:\n application/vnd.polaris.insights.configurations-1+json:\n schema:\n type: object\n properties:\n id:\n type: string\n format: uuid\n description: The report configuration's ID.\n name:\n type: string\n description: The report's name.\n reportType:\n type: string\n description: >-\n The type of report (`issues-report`, `standard-compliance`,`security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`, `developer-detail-sca`,\n `standard-compliance-detail`, `spdx` or `cyclonedx`).\n appendDate:\n type: boolean\n description: The flag value which will decide whether to append date to report name or not.\n projectsCount:\n type: number\n description: The number of projects used in the report configuration.\n lastAccessedAt:\n type: string\n description: The date and time when the report configuration was last accessed.\n createdAt:\n type: string\n description: The date and time when the report configuration was created.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report configuration.\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25),\n `ty-5` (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n timePeriod:\n type: string\n description: |\n Time period used for generating the report. Values can be `all-time` (Default), `last-30-days` (Last 30 Days), `last-60-days` (Last 60 Days) or `last-90-days` (Last 90 Days).\n example: all-time\n unauthorized_applications:\n type: string\n description: |\n The list of applications for which the user not having permissions in the scope of the configuration.\n warning:\n type: string\n description: |\n The warning message for the user not having permissions for 1 or more applications in the scope of the configuration.\n _links:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/configurations/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n example:\n id: f6b4944e-87ce-11ec-a8a3-0242ac120002\n name: Report Name\n reportType: issues-report\n appendDate: true\n projectsCount: 2\n lastAccessedAt: '2024-06-13T12:56:31.419684Z'\n createdAt: '2024-06-13T12:56:31.419684Z'\n createdBy: a87e0ade-504e-41de-888f-5b8de83b6eb4\n applications:\n - id: ed3697b3-82ec-45ba-96f6-eece4633e65c\n projects:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n severities:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n - dast_polaris\n - static_polaris\n - sca_package\n - sca_signature\n standard: ty-2\n _links:\n - href: https://example.com/configurations/f6b4944e-87ce-11ec-a8a3-0242ac120002\n rel: self\n method: GET\n '400':\n description: Bad request\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: Please provide valid configuration ID.\n locationId: 12345678\n remediation: Please send the valid request to perform this operation.\n errors:\n - detail: Please provide valid report configuration ID.\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user.\n errors:\n - detail: User doesn't have authorization to access this resource.\n '404':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 404\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: Unable to process your request.\n locationId: 12345678\n remediation: Please send the valid request to perform this operation.\n errors:\n detail: No report configurations are available with configurationId 0294c2b8-1a64-41ae-a585-f3e17b25813e.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\n patch:\n operationId: updateReportConfiguration\n tags:\n - Configurations\n summary: |\n Update Report Configuration\n description: |\n Update report configuration details.\n parameters:\n - name: configurationId\n in: path\n required: true\n description: The unique report configuration identifier.\n schema:\n type: string\n requestBody:\n description: Contains the application ID and project IDs for which the report should be generated, along with issue severities, tools, and standard.\n content:\n application/vnd.polaris.insights.configurations-1+json:\n schema:\n required:\n - name\n - applications\n - severities\n - tools\n type: object\n properties:\n name:\n type: string\n description: >\n Report configuration name specified by the user. Report configuration name length should not exceed more than 256 characters. The reports generated using the report configurations,\n will have same name as report configurations name.\n example: Report configuration Name\n appendDate:\n type: boolean\n description: |\n If true, the report name will be appended with the current date when the report is generated using the configuration.\n example: true\n reportType:\n type: string\n description: >\n Type of the report. The report types supported are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`.\n example: issues-report\n timePeriod:\n type: string\n description: |\n Time period used for generating the report. Values can be `all-time` (Default), `last-30-days` (Last 30 Days), `last-60-days` (Last 60 Days) or `last-90-days` (Last 90 Days).\n example: all-time\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report configuration.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25),\n `ty-5` (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n required: true\n responses:\n '200':\n description: Success.\n content:\n application/vnd.polaris.insights.configurations-1+json:\n schema:\n allOf:\n - type: object\n - type: object\n properties:\n id:\n type: string\n format: uuid\n description: The report configuration's ID.\n name:\n type: string\n description: The report's name.\n reportType:\n type: string\n description: >-\n The type of report (`issues-report`, `standard-compliance`,`security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`, `developer-detail-sca`,\n `standard-compliance-detail`, `spdx` or `cyclonedx`).\n appendDate:\n type: boolean\n description: The flag value which will decide whether to append date to report name or not.\n projectsCount:\n type: number\n description: The number of projects used in the report configuration.\n lastAccessedAt:\n type: string\n description: The date and time when the report configuration was last accessed.\n createdAt:\n type: string\n description: The date and time when the report configuration was created.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report configuration.\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top\n 25), `ty-5` (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n timePeriod:\n type: string\n description: |\n Time period used for generating the report. Values can be `all-time` (Default), `last-30-days` (Last 30 Days), `last-60-days` (Last 60 Days) or `last-90-days` (Last 90 Days).\n example: all-time\n unauthorized_applications:\n type: string\n description: |\n The list of applications for which the user not having permissions in the scope of the configuration.\n warning:\n type: string\n description: |\n The warning message for the user not having permissions for 1 or more applications in the scope of the configuration.\n _links:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/configurations/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n example:\n id: f6b4944e-87ce-11ec-a8a3-0242ac120002\n name: Report Name\n reportType: issues-report\n appendDate: true\n projectsCount: 2\n lastAccessedAt: '2024-06-13T12:56:31.419684Z'\n createdAt: '2024-06-13T12:56:31.419684Z'\n createdBy: a87e0ade-504e-41de-888f-5b8de83b6eb4\n applications:\n - id: ed3697b3-82ec-45ba-96f6-eece4633e65c\n projects:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n severities:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n - dast_polaris\n - static_polaris\n - sca_package\n - sca_signature\n standard: ty-2\n _links:\n - href: https://example.com/configurations/f6b4944e-87ce-11ec-a8a3-0242ac120002\n rel: self\n method: GET\n '400':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:missing-or-invalid-body\n title: Empty or Invalid Request Body\n detail: Request body either not found or having invalid format.\n locationId: 12345678\n remediation: Please provide a valid request body\n errors:\n - detail: Request body either not found or having invalid format.\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user.\n errors:\n - detail: User doesn't have authorization to access this resource.\n '409':\n description: Conflict - Report configuration name already exists.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n type: urn:x-report-service:report-configuration-name-conflict\n title: Report Configuration Name Exists\n status: 409\n detail: Report configuration name must be unique for a user in an organization.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\n delete:\n operationId: deleteReportConfigurationById\n tags:\n - Configurations\n summary: |\n Delete Configuration By ID\n description: |\n Deletes report configurations details for specified report configurations ID for specified organization.\n parameters:\n - name: configurationId\n in: path\n required: true\n description: The unique report configuration identifier.\n schema:\n type: string\n responses:\n '204':\n description: Success.\n '400':\n description: Bad request\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: Please provide valid report ID.\n locationId: 12345678\n remediation: Please send the valid request to perform this operation.\n errors:\n - detail: Please provide valid configuration ID\n '401':\n description: Access token not valid.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 401\n type: urn:x-report-service:unauthorized\n title: Unauthorized request\n detail: User is not authorized for this operation.\n locationId: 12345678\n remediation: Please get authorization to perform this operation\n errors:\n - detail: Invalid token is provided. Valid token must be given for processing the request.\n '403':\n description: Forbidden.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 403\n type: urn:x-report-service:forbidden\n title: User is forbidden for the operation\n detail: User doesn't have authorization to access this resource.\n locationId: 12345678\n remediation: Please get the proper access for the user.\n errors:\n - detail: User doesn't have authorization to access this resource.\n '404':\n description: Bad request.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 400\n type: urn:x-report-service:request-failed\n title: Unable to process your request\n detail: Unable to process your request.\n locationId: 12345678\n remediation: Please send the valid request to perform this operation.\n errors:\n detail: No report configurations are available with configurationId 0294c2b8-1a64-41ae-a585-f3e17b25813e.\n '500':\n description: Internal server error.\n content:\n application/problem+json:\n schema:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n example:\n status: 500\n type: urn:x-report-service:internal-server-room\n title: Something Went Wrong\n detail: Unable to process your request.\n locationId: 12345678\n remediation: ''\n errors:\n - detail: Unexpected error occurred in processing the request.\ncomponents:\n securitySchemes:\n ApiKeyAuth:\n type: apiKey\n in: header\n name: Api-Token\n parameters:\n reportId:\n name: reportId\n in: path\n required: true\n description: The unique report identifier.\n schema:\n type: string\n reportType:\n name: reportType\n in: path\n required: true\n description: >-\n Type of the report. The report types supported are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`.\n schema:\n type: string\n BOMReportType:\n name: reportType\n in: path\n required: true\n description: Type of the report. The report types currently available are `spdx` or `cyclonedx`.\n schema:\n type: string\n _filter:\n name: _filter\n in: query\n description: |\n A filter string that further limits the results returned, expressed in [RSQL syntax](https://github.com/jirutka/rsql-parser)\n format.\n\n Please see the filtering syntax documentation in this specification for further details on how to express an issue filter.\n example: name=='demo'\n schema:\n type: string\n format: rsql\n _sort:\n name: _sort\n in: query\n explode: false\n description: |\n Sort results by a given ordering. If this is not provided, a reasonable default will be used so that pagination\n works consistently.\n\n Sorting should follow the following syntax: {field_name}|{asc|desc}[,{field_name}|{asc|desc}[,...]]\n schema:\n type: array\n items:\n type: string\n description: |\n The field name to sort, and then the ordering direction (\"asc\" or \"desc\"), joined by a pipe character\n (`|`).\n example: field_name|asc\n _offset:\n name: _offset\n in: query\n description: >\n Returns results, starting from the specified position within the response. For example, if the offset is set to 5, then the first 5 records are skipped and the 6th record is the first record\n returned. Default value is 0. If the offset is beyond the range of the collection, no results are returned.\n schema:\n type: integer\n format: int32\n example: 0\n _limit:\n name: _limit\n in: query\n description: >\n Restricts the number of results to the specified limit. The default is 25 and maximum limit allowed is 100. If a limit greater than 100 is provided, the response will be \"HTTP 400 Bad\n Request.\"\n schema:\n type: integer\n format: int32\n example: 10\n configurationId:\n name: configurationId\n in: path\n required: true\n description: The unique report configuration identifier.\n schema:\n type: string\n runReportType:\n name: reportType\n in: path\n required: true\n description: >-\n Type of the report. The report types supported are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`, `spdx`, `cyclonedx`.\n schema:\n type: string\n headers:\n DeprecationHeader:\n description: Indicates that the resource is deprecated and may be removed in the future version of the APIs. <br /> It is way to inform clients that they should migrate to alternative resources.\n schema:\n type: string\n example: Fri, 6 June 2025 23:59:59 GMT\n LinkHeader:\n description: Provide link to alternative/related resource after the resource has been sunset.\n schema:\n type: string\n example: New version of API link; rel=\"alternate\"\n SunsetHeader:\n description: Specifies the date and time after which the resource will no longer be available.\n schema:\n type: string\n example: Sat, 6 Sep 2025 23:59:59 GMT\n schemas:\n Applications:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n SBOMApplications:\n type: object\n description: |\n An individual application containing `projects`.\n required:\n - projects\n properties:\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the ID of a project to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n Severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n Tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n Standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25), `ty-5` (PCI\n DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n TimePeriod:\n type: string\n description: |\n Time period used for generating the report. Values can be `all-time` (Default), `last-30-days` (Last 30 Days), `last-60-days` (Last 60 Days) or `last-90-days` (Last 90 Days).\n example: all-time\n GenerateReportPayload:\n required:\n - applications\n - severities\n - tools\n type: object\n properties:\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25), `ty-5`\n (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n GenerateReportPayloadV2:\n required:\n - applications\n - severities\n - tools\n type: object\n properties:\n name:\n type: string\n description: >\n Report name specified by the user. Defaults to Report Type_<createddate, YYYYMMDD> (for example, Polaris Issue Summary Report_20240101). Report name length should not exceed more than 256\n characters.\n example: Polaris Issue Summary Report\n format:\n type: string\n description: |\n Type of the report. Supported formats is pdf.\n example: pdf\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25), `ty-5`\n (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n timePeriod:\n type: string\n description: |\n Time period used for generating the report. Values can be `all-time` (Default), `last-30-days` (Last 30 Days), `last-60-days` (Last 60 Days) or `last-90-days` (Last 90 Days).\n example: all-time\n GenerateSBOMReportPayload:\n required:\n - applications\n type: object\n properties:\n applications:\n type: array\n description: |\n Specify the project to include in the report.\n items:\n type: object\n description: |\n An individual application containing `projects`.\n required:\n - projects\n properties:\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the ID of a project to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n GenerateSBOMReportPayloadV2:\n required:\n - applications\n type: object\n properties:\n name:\n type: string\n description: >\n Report name specified by the user. Defaults to Report Type_<createddate, YYYYMMDD> (for example, Polaris Issue Summary Report_20240101). Report name length should not exceed more than 256\n characters.\n example: SBOM Report\n format:\n type: string\n description: |\n Type of the report. Supported formats is json.\n example: json\n applications:\n type: array\n description: |\n Specify the project to include in the report.\n items:\n type: object\n description: |\n An individual application containing `projects`.\n required:\n - projects\n properties:\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the ID of a project to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n GenerateReportResponse:\n type: object\n properties:\n object:\n type: string\n description: |\n Message to indicate the request is accepted and Polaris is generating the report.\n example: Your report is generating. You will be notified by email when it is ready.\n GetReportsResponse:\n type: object\n required:\n - _items\n - _links\n - _collection\n properties:\n _items:\n type: array\n items:\n type: object\n required:\n - id\n - name\n - reportType\n properties:\n id:\n type: string\n format: uuid\n description: The report's ID.\n name:\n type: string\n description: The report's name.\n configurationId:\n type: string\n format: uuid\n description: The report configuration ID used to generate the report.x\n reportType:\n type: string\n description: >-\n The type of report (`issues-report`, `standard-compliance`,`security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`, `developer-detail-sca`,\n `standard-compliance-detail`, `spdx` or `cyclonedx`).\n startDate:\n type: string\n description: The date and time when report generation started.\n completedDate:\n type: string\n description: The date and time when report generation completed.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report.\n configuration:\n type: string\n description: A json-formatted string that includes the applications, projects, severities, tools, and standards used to generate the report.\n format:\n type: string\n description: The report's file format (`pdf` or `json`).\n status:\n type: string\n description: The report's status (`INITIATED`, `IN_PROGRESS`, `COMPLETED`, or `FAILED`).\n failureReason:\n type: string\n description: For failed reports, an error message that explains why report generation failed.\n fileSize:\n type: string\n description: The report's file size in bytes.\n message:\n type: string\n description: A message that indicates report generation is in progress, or report generation successful, or summarizes why it failed.\n description: An array of report details.\n _links:\n type: array\n items:\n description: An array of links that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: first\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: next\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: prev\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: last\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: self\n method: GET\n _collection:\n type: object\n required:\n - itemCount\n - currentPage\n - pageCount\n properties:\n itemCount:\n type: integer\n format: int32\n currentPage:\n type: integer\n default: 0\n pageCount:\n type: integer\n default: 25\n example:\n itemCount: 1\n currentPage: 1\n pageCount: 1\n GetReportResponse:\n properties:\n id:\n type: string\n format: uuid\n description: The report's ID.\n name:\n type: string\n description: Name of the report.\n reportType:\n type: string\n description: >-\n Type of the report. Available report types are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`, `spdx` and `cyclonedx`.\n reportTypeDescription:\n type: string\n description: Report type description of the report.\n startDate:\n type: string\n description: Date and time when the report generation started.\n completedDate:\n type: string\n description: SpecifyDate and time when the report generation completed.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report.\n configuration:\n type: string\n description: Report configurations used to generate the report in `json` format. It includes applications, projects, severities, tools and standards selected before report generation.\n configurationId:\n type: string\n description: The report configuration ID used to generate the report.\n format:\n type: string\n description: Report file format. Available formats are `pdf` and `json`.\n status:\n type: string\n description: Report Status. Available statuses are `INITIATED`, `IN_PROGRESS`, `COMPLETED` and `FAILED`.\n failureReason:\n type: string\n description: An error message to explain why the report generation failed.\n fileSize:\n type: string\n description: Report file size in bytes.\n message:\n type: string\n description: Message to indicate whether report generation is completed or failed.\n _links:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n ReportTypeResponse:\n properties:\n _items:\n type: object\n properties:\n reportType:\n type: string\n description: Type of the report.\n description:\n type: string\n description: Report Type description.\n example:\n reportType: issues-report\n description: Polaris Issue Summary Report\n _links:\n type: array\n items:\n description: An array of links that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: first\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: next\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: prev\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: last\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: self\n method: GET\n _collections:\n type: object\n required:\n - itemCount\n - currentPage\n - pageCount\n properties:\n itemCount:\n type: integer\n format: int32\n currentPage:\n type: integer\n default: 0\n pageCount:\n type: integer\n default: 25\n example:\n itemCount: 1\n currentPage: 1\n pageCount: 1\n ReportType:\n type: object\n properties:\n reportType:\n type: string\n description: Type of the report.\n description:\n type: string\n description: Report Type description.\n example:\n reportType: issues-report\n description: Polaris Issue Summary Report\n ReportDetails:\n type: object\n required:\n - id\n - name\n - reportType\n properties:\n id:\n type: string\n format: uuid\n description: The report's ID.\n name:\n type: string\n description: The report's name.\n configurationId:\n type: string\n format: uuid\n description: The report configuration ID used to generate the report.x\n reportType:\n type: string\n description: >-\n The type of report (`issues-report`, `standard-compliance`,`security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`, `developer-detail-sca`,\n `standard-compliance-detail`, `spdx` or `cyclonedx`).\n startDate:\n type: string\n description: The date and time when report generation started.\n completedDate:\n type: string\n description: The date and time when report generation completed.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report.\n configuration:\n type: string\n description: A json-formatted string that includes the applications, projects, severities, tools, and standards used to generate the report.\n format:\n type: string\n description: The report's file format (`pdf` or `json`).\n status:\n type: string\n description: The report's status (`INITIATED`, `IN_PROGRESS`, `COMPLETED`, or `FAILED`).\n failureReason:\n type: string\n description: For failed reports, an error message that explains why report generation failed.\n fileSize:\n type: string\n description: The report's file size in bytes.\n message:\n type: string\n description: A message that indicates report generation is in progress, or report generation successful, or summarizes why it failed.\n PolarisErrorResponse:\n properties:\n type:\n type: string\n description: An URI reference that identifies the error type in more detail.\n status:\n type: integer\n format: int64\n description: The HTTP status code that is generated by the origin server for the occurrence of the error.\n title:\n type: string\n description: A short, human-readable summary of the error type, which does not change from occurrence to occurrence of the error.\n details:\n type: string\n description: A human-readable, localized explanation specific to this occurrence of the problem.\n links:\n type: array\n items:\n description: An array of links that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: first\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: next\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: prev\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: last\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: self\n method: GET\n ReportLink:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n link:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n collections:\n type: object\n required:\n - itemCount\n - currentPage\n - pageCount\n properties:\n itemCount:\n type: integer\n format: int32\n currentPage:\n type: integer\n default: 0\n pageCount:\n type: integer\n default: 25\n example:\n itemCount: 1\n currentPage: 1\n pageCount: 1\n ConfigurationPayload:\n required:\n - name\n - applications\n - severities\n - tools\n type: object\n properties:\n name:\n type: string\n description: >\n Report configuration name specified by the user. Report configuration name length should not exceed more than 256 characters. The reports generated using the report configurations, will\n have same name as report configurations name.\n example: Report configuration Name\n appendDate:\n type: boolean\n description: |\n If true, the report name will be appended with the current date when the report is generated using the configuration.\n example: true\n reportType:\n type: string\n description: >\n Type of the report. The report types supported are `issues-report`, `standard-compliance`, `security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`,\n `developer-detail-sca`, `standard-compliance-detail`.\n example: issues-report\n timePeriod:\n type: string\n description: |\n Time period used for generating the report. Values can be `all-time` (Default), `last-30-days` (Last 30 Days), `last-60-days` (Last 60 Days) or `last-90-days` (Last 90 Days).\n example: all-time\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report configuration.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25), `ty-5`\n (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n ConfigurationLink:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/configurations/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n GetConfigurationResponse:\n type: object\n properties:\n id:\n type: string\n format: uuid\n description: The report configuration's ID.\n name:\n type: string\n description: The report's name.\n reportType:\n type: string\n description: >-\n The type of report (`issues-report`, `standard-compliance`,`security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`, `developer-detail-sca`,\n `standard-compliance-detail`, `spdx` or `cyclonedx`).\n appendDate:\n type: boolean\n description: The flag value which will decide whether to append date to report name or not.\n projectsCount:\n type: number\n description: The number of projects used in the report configuration.\n lastAccessedAt:\n type: string\n description: The date and time when the report configuration was last accessed.\n createdAt:\n type: string\n description: The date and time when the report configuration was created.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report configuration.\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25), `ty-5`\n (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n timePeriod:\n type: string\n description: |\n Time period used for generating the report. Values can be `all-time` (Default), `last-30-days` (Last 30 Days), `last-60-days` (Last 60 Days) or `last-90-days` (Last 90 Days).\n example: all-time\n unauthorized_applications:\n type: string\n description: |\n The list of applications for which the user not having permissions in the scope of the configuration.\n warning:\n type: string\n description: |\n The warning message for the user not having permissions for 1 or more applications in the scope of the configuration.\n _links:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/configurations/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n example:\n id: f6b4944e-87ce-11ec-a8a3-0242ac120002\n name: Report Name\n reportType: issues-report\n appendDate: true\n projectsCount: 2\n lastAccessedAt: '2024-06-13T12:56:31.419684Z'\n createdAt: '2024-06-13T12:56:31.419684Z'\n createdBy: a87e0ade-504e-41de-888f-5b8de83b6eb4\n applications:\n - id: ed3697b3-82ec-45ba-96f6-eece4633e65c\n projects:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n severities:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n - dast_polaris\n - static_polaris\n - sca_package\n - sca_signature\n standard: ty-2\n _links:\n - href: https://example.com/configurations/f6b4944e-87ce-11ec-a8a3-0242ac120002\n rel: self\n method: GET\n GetReportConfigurationsResponse:\n allOf:\n - type: object\n properties:\n _items:\n type: array\n items:\n type: object\n properties:\n id:\n type: string\n format: uuid\n description: The report configuration's ID.\n name:\n type: string\n description: The report's name.\n reportType:\n type: string\n description: >-\n The type of report (`issues-report`, `standard-compliance`,`security-audit`, `test-summary`, `issue-overview`, `developer-detail-static`, `developer-detail-sca`,\n `standard-compliance-detail`, `spdx` or `cyclonedx`).\n appendDate:\n type: boolean\n description: The flag value which will decide whether to append date to report name or not.\n projectsCount:\n type: number\n description: The number of projects used in the report configuration.\n lastAccessedAt:\n type: string\n description: The date and time when the report configuration was last accessed.\n createdAt:\n type: string\n description: The date and time when the report configuration was created.\n createdBy:\n type: string\n format: uuid\n description: The ID of the user who created the report configuration.\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25),\n `ty-5` (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n timePeriod:\n type: string\n description: |\n Time period used for generating the report. Values can be `all-time` (Default), `last-30-days` (Last 30 Days), `last-60-days` (Last 60 Days) or `last-90-days` (Last 90 Days).\n example: all-time\n unauthorized_applications:\n type: string\n description: |\n The list of applications for which the user not having permissions in the scope of the configuration.\n warning:\n type: string\n description: |\n The warning message for the user not having permissions for 1 or more applications in the scope of the configuration.\n _links:\n type: array\n items:\n type: object\n description: An individual link that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/configurations/3fa85f64-5717-4562-b3fc-2c963f66afa6\n rel: self\n method: GET\n example:\n id: f6b4944e-87ce-11ec-a8a3-0242ac120002\n name: Report Name\n reportType: issues-report\n appendDate: true\n projectsCount: 2\n lastAccessedAt: '2024-06-13T12:56:31.419684Z'\n createdAt: '2024-06-13T12:56:31.419684Z'\n createdBy: a87e0ade-504e-41de-888f-5b8de83b6eb4\n applications:\n - id: ed3697b3-82ec-45ba-96f6-eece4633e65c\n projects:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n severities:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n - dast_polaris\n - static_polaris\n - sca_package\n - sca_signature\n standard: ty-2\n _links:\n - href: https://example.com/configurations/f6b4944e-87ce-11ec-a8a3-0242ac120002\n rel: self\n method: GET\n _links:\n type: array\n items:\n description: An array of links that can be followed for further information about this resource.\n properties:\n href:\n type: string\n format: url\n description: The URI to follow for this reference.\n rel:\n type: string\n default: self\n description: The relation name.\n method:\n type: string\n default: GET\n description: The HTTP method to use while following this reference.\n example:\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: first\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: next\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: prev\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: last\n method: GET\n - href: https://example.com/reports?_offset=0&_limit=25\n rel: self\n method: GET\n _collections:\n type: object\n required:\n - itemCount\n - currentPage\n - pageCount\n properties:\n itemCount:\n type: integer\n format: int32\n currentPage:\n type: integer\n default: 0\n pageCount:\n type: integer\n default: 25\n example:\n itemCount: 1\n currentPage: 1\n pageCount: 1\n RunReportPayload:\n required:\n - name\n - applications\n - severities\n - tools\n type: object\n properties:\n name:\n type: string\n description: >\n Report configuration name specified by the user. Report configuration name length should not exceed more than 256 characters. The reports generated using the report configurations, will\n have same name as report configurations name.\n example: Report configuration Name\n appendDate:\n type: boolean\n description: |\n If true, the report name will be appended with the current date when the report is generated using the configuration.\n example: true\n applications:\n type: array\n description: |\n Specify the applications and projects to include in the report configuration.\n items:\n type: object\n description: |\n An individual application containing `id` and `projects`.\n required:\n - id\n - projects\n properties:\n id:\n type: string\n format: uuid\n description: |\n Specify the application ID to be included in the report.\n projects:\n type: array\n items:\n type: string\n format: uuid\n description: Specify the IDs of projects to include in the report.\n example:\n - ed3697b3-82ec-45ba-96f6-eece4633e65c\n - ed930182-94ca-4833-a39d-06a166125828\n severities:\n type: array\n items:\n type: string\n description: |\n Type of severity for the report to be generated. Severity can be `high`, `medium` and/or `low`.\n example:\n - critical\n - high\n - medium\n - low\n - informational\n tools:\n type: array\n items:\n type: string\n description: Type of tools used for generating the report. Values can be `SCA_PACKAGE`, `SCA_SIGNATURE` and `STATIC_POLARIS`.\n example:\n - STATIC_POLARIS\n - SCA_PACKAGE\n - SCA_SIGNATURE\n standard:\n type: string\n description: >\n Type of standard used for generating the report. Values can be `none` (No Selection), `ty-1` (OWASP Web Top Ten 2017), `ty-2` (OWASP Web Top Ten 2021), `ty-4` (2021 CWE Top 25), `ty-5`\n (PCI DSS 2018), or `ty-7` (2022 CWE Top 25).\n example: ty-2\n"