Skip to content

Exposed Secret

List Exposed Secrets

GEThttps://api.entro.security/v1/exposed-secrets

Authorizations

AuthorizationstringRequired

Query parameters

skipintegerOptional

The number of exposed secrets to skip before selecting data.

limitintegerOptional

The maximum number of exposed secrets to return in the response.

Default: 50

fromDatestringOptional

Filter risks creation dates, by using the following filter example: "?fromDate=10-22-2023"

Pattern: ^(0[1-9]|1[0-2])-(0[1-9]|[1-2][0-9]|3[0-1])-[0-9]{4}$

isGenericbooleanOptional

Filter for exposed secrets of type generic

isArchivedbooleanOptional

Filter for archived exposed secrets

Default: false

severitystring · enumOptional

Filter for exposed secrets with specified severities

Possible values: UNKNOWN LOW MEDIUM HIGH CRITICAL

statusstring · enumOptional

Filter for exposed secrets with specified status

Possible values: INVALID ENABLED DISABLED UNSUPPORTED UNREACHABLE REVOKED

sourcestringOptional

Filter for exposed secrets with specified source

accountstringOptional

Filter for exposed secrets with specified account id

typestringOptional

Filter for exposed secrets with specified type

publicExposurebooleanOptional

Filter for pubiclly exposed secrets

commitsstringOptional

One or more (max 10) Git commit SHAs to filter exposed secrets by. Use a single SHA or provide multiple SHAs separated by commas (e.g., 'commits=34567d343755bd123f82051681e206da99b400bb,34567d343755bd123f82051681e206da99b40012') to find exposed secrets associated with specific commits.

Responses

200Successful response
GET/v1/exposed-secrets
GET /v1/exposed-secrets HTTP/1.1
Host: api.entro.security
Authorization: YOUR_API_KEY
Accept: */*
200Successful response
{
  "exposedSecrets": [
    {
      "exposedId": "EXP-1",
      "severity": "HIGH",
      "status": "ENABLED",
      "exposureUrl": "https://example.com",
      "isGeneric": false,
      "keyId": "keyid",
      "secretValue": "secretvalue",
      "location": "lambda123",
      "locationType": "AWS_LAMBDA",
      "owner": "owner123",
      "path": "path123",
      "type": "AWS_ACCESS_KEY",
      "snippet": "snippet123",
      "tags": [
        "tag1",
        "tag2"
      ],
      "targetAccount": "target123",
      "vendorHash": "vendorhash123",
      "occurrences": [
        "EXP-123",
        "EXP-456"
      ],
      "account": {
        "id": "acc123",
        "type": "AWS",
        "environment": "prod",
        "environmentType": "DEVELOPMENT",
        "tags": [
          "tag1",
          "tag2"
        ]
      },
      "employee": {
        "name": "John Doe",
        "email": "john@example.com"
      },
      "redactedSecret": "***secret***",
      "hash": "hash123",
      "isPublic": true
    }
  ]
}

Adds or Removes an Exposed Secret Hash from the Blacklist to Prevent It from Being Displayed in the System

PATCHhttps://api.entro.security/v1/exposed-secret/{EXP_GUID}/blacklist

Authorizations

AuthorizationstringRequired

Path parameters

EXP_GUIDstringRequired

The exposed secret guid

Pattern: ^EXP-\d+$

Query parameters

actionstring · enumRequired

Determines the operation

Possible values: add remove

entroUserstringOptional

The identifier of the user performing the action

Responses

200Successful response
PATCH/v1/exposed-secret/{EXP_GUID}/blacklist?action=add
PATCH /v1/exposed-secret/{EXP_GUID}/blacklist?action=add HTTP/1.1
Host: api.entro.security
Authorization: YOUR_API_KEY
Accept: */*
200Successful response
{
  "message": "Number of exposed secrets that have been added/removed to the blacklist: [NUMBER]"
}

Adds or Removes an Exposed Secret Hash from the Whitelist to Mark the Secret as a True One

PATCHhttps://api.entro.security/v1/exposed-secret/{EXP_GUID}/whitelist

Authorizations

AuthorizationstringRequired

Path parameters

EXP_GUIDstringRequired

The exposed secret guid

Pattern: ^EXP-\d+$

Query parameters

actionstring · enumRequired

Determines the operation

Possible values: add remove

Responses

200Successful response
PATCH/v1/exposed-secret/{EXP_GUID}/whitelist?action=add
PATCH /v1/exposed-secret/{EXP_GUID}/whitelist?action=add HTTP/1.1
Host: api.entro.security
Authorization: YOUR_API_KEY
Accept: */*
200Successful response
{
  "message": "Number of exposed secrets that have been added/removed to the whitelist: [NUMBER]"
}