Get incidents

1 import requests 2 3 url = "https://api-gw.perimeterx.com/v1/incidents" 4 5 querystring = {"appId":"[\"abc123\",\"def456\"]","tld":"[\"domain1.com\",\"domain2.com\"]","from":"1674313200000","to":"1674313200000","skip":"40","take":"10"} 6 7 headers = {"Authorization": "Bearer <token>"} 8 9 response = requests.get(url, headers=headers, params=querystring) 10 11 print(response.json())

1 { 2 "paging": { 3 "previous": "", 4 "current": "https://10.192.0.80:80/v1/incidents?appId=ABC123&tld=example.com&take=20&skip=0", 5 "next": "https://10.192.0.80:80/v1/incidents?appId=ABC123&tld=example.com&take=20&skip=20", 6 "count": 1000 7 }, 8 "data": [ 9 { 10 "id": "507f1f77bcf86cd799439011", 11 "category": "pii", 12 "incident": "Credentials - Email access is being made by a third party script", 13 "details": "Accessing email address.", 14 "initiator": "script.com/lib/main.[UNIQUE_ID].js", 15 "first_seen": "2022-01-30T12:15:49Z", 16 "last_seen": "2023-03-23T08:55:27Z", 17 "host_domain": "example.com", 18 "app_id": "PXabc123", 19 "page_types": [ 20 "checkout", 21 "products_and_search" 22 ], 23 "page_types_per": { 24 "checkout": 1.44, 25 "login": 1.06, 26 "products_and_search": 0.0159 27 }, 28 "ack_updated_at": "2022-04-26T08:54:22.084Z", 29 "additional_data": { 30 "vulnerabilities": [ 31 { 32 "package": "jquery-ui", 33 "version": "1.0.0", 34 "ids": [ 35 "CVE-2022-1234", 36 "CVE-2022-5678" 37 ] 38 } 39 ] 40 }, 41 "under_review": true, 42 "risk_level": "high", 43 "script": { 44 "users_affected_percentage": 50.5, 45 "ack": false, 46 "key": "11aa22bbcc3344ddeeff5566gghh", 47 "id": "script/lib/main.[UNIQUE_ID].js", 48 "app_id": "PXabc123", 49 "host_domain": "example.com", 50 "type": "third_party", 51 "vendor": "Google", 52 "first_seen": "2021-12-30T16:18:53Z", 53 "last_seen": "2023-03-23T09:13:44Z", 54 "risk": { 55 "level": "medium", 56 "reason": "PII sniffing" 57 }, 58 "page_types": [ 59 "checkout", 60 "login", 61 "products_and_search" 62 ] 63 }, 64 "actions": [ 65 { 66 "type": "DOM Removal", 67 "subtype": "Deleted script", 68 "last_seen": "2023-03-23T09:13:44Z", 69 "action_args": { 70 "Storage Key": "mixPanel", 71 "Element ID": "email", 72 "Element Name": "email", 73 "Element tags": "script", 74 "Target URL Host": "juggler", 75 "Inserted Element Tag": "script", 76 "Removed Element Tag": "" 77 } 78 } 79 ] 80 } 81 ] 82 }

Get a list of detected incidents for the given Application IDs and host domains.

Query parameters

appIdlist of stringsRequired

An array of Application IDs to filter the relevant incidents by. At least one ID is required.

tldlist of stringsRequired

An array of host domains to filter the relevant incidents by. At least one domain is required.

fromintegerOptional

A timestamp, in milliseconds, indicating from what point in time to filter the results by. Defaults to the past 24 hours.

tointegerOptional

A timestamp, in milliseconds, indicating until what point in time to filter the results by. Defaults to the current time.

skipintegerOptionalDefaults to 0

The number of incidents to offset pagination by when returning the results.

takeintegerOptionalDefaults to 20

The number of incidents to display per page when returning the results.

Response

Success

pagingobject or null

datalist of objects or null

Headers

Query parameters

Response

Errors