Exposed Secret
List Exposed Secrets
https://api.entro.security/v1/exposed-secretsAuthorizations
AuthorizationstringRequiredQuery parameters
skipintegerOptionalThe number of exposed secrets to skip before selecting data.
limitintegerOptionalThe maximum number of exposed secrets to return in the response.
fromDatestringOptionalFilter risks creation dates, by using the following filter example: "?fromDate=10-22-2023"
isGenericbooleanOptionalFilter for exposed secrets of type generic
isArchivedbooleanOptionalFilter for archived exposed secrets
severitystring · enumOptionalFilter for exposed secrets with specified severities
statusstring · enumOptionalFilter for exposed secrets with specified status
sourcestringOptionalFilter for exposed secrets with specified source
accountstringOptionalFilter for exposed secrets with specified account id
typestringOptionalFilter for exposed secrets with specified type
publicExposurebooleanOptionalFilter for pubiclly exposed secrets
commitsstringOptionalOne or more (max 10) Git commit SHAs to filter exposed secrets by. Use a single SHA or provide multiple SHAs separated by commas (e.g., 'commits=34567d343755bd123f82051681e206da99b400bb,34567d343755bd123f82051681e206da99b40012') to find exposed secrets associated with specific commits.
Responses
/v1/exposed-secretsGET /v1/exposed-secrets HTTP/1.1 Host: api.entro.security Authorization: YOUR_API_KEY Accept: */*
curl -L \ --url 'https://api.entro.security/v1/exposed-secrets' \ --header 'Authorization: YOUR_API_KEY' \ --header 'Accept: */*'
const response = await fetch('https://api.entro.security/v1/exposed-secrets', {
method: 'GET',
headers: {
"Authorization": "YOUR_API_KEY",
"Accept": "*/*"
},
});
const data = await response.json();import requests
response = requests.get(
"https://api.entro.security/v1/exposed-secrets",
headers={"Authorization":"YOUR_API_KEY","Accept":"*/*"},
)
data = response.json(){
"exposedSecrets": [
{
"exposedId": "EXP-1",
"severity": "HIGH",
"status": "ENABLED",
"exposureUrl": "https://example.com",
"isGeneric": false,
"keyId": "keyid",
"secretValue": "secretvalue",
"location": "lambda123",
"locationType": "AWS_LAMBDA",
"owner": "owner123",
"path": "path123",
"type": "AWS_ACCESS_KEY",
"snippet": "snippet123",
"tags": [
"tag1",
"tag2"
],
"targetAccount": "target123",
"vendorHash": "vendorhash123",
"occurrences": [
"EXP-123",
"EXP-456"
],
"account": {
"id": "acc123",
"type": "AWS",
"environment": "prod",
"environmentType": "DEVELOPMENT",
"tags": [
"tag1",
"tag2"
]
},
"employee": {
"name": "John Doe",
"email": "john@example.com"
},
"redactedSecret": "***secret***",
"hash": "hash123",
"isPublic": true
}
]
}Adds or Removes an Exposed Secret Hash from the Blacklist to Prevent It from Being Displayed in the System
https://api.entro.security/v1/exposed-secret/{EXP_GUID}/blacklistAuthorizations
AuthorizationstringRequiredPath parameters
EXP_GUIDstringRequiredThe exposed secret guid
Query parameters
actionstring · enumRequiredDetermines the operation
entroUserstringOptionalThe identifier of the user performing the action
Responses
/v1/exposed-secret/{EXP_GUID}/blacklist?action=addPATCH /v1/exposed-secret/{EXP_GUID}/blacklist?action=add HTTP/1.1
Host: api.entro.security
Authorization: YOUR_API_KEY
Accept: */*curl -L \
--request PATCH \
--url 'https://api.entro.security/v1/exposed-secret/{EXP_GUID}/blacklist' \
--header 'Authorization: YOUR_API_KEY' \
--header 'Accept: */*'const response = await fetch('https://api.entro.security/v1/exposed-secret/{EXP_GUID}/blacklist', {
method: 'PATCH',
headers: {
"Authorization": "YOUR_API_KEY",
"Accept": "*/*"
},
});
const data = await response.json();import requests
response = requests.patch(
"https://api.entro.security/v1/exposed-secret/{EXP_GUID}/blacklist",
headers={"Authorization":"YOUR_API_KEY","Accept":"*/*"},
)
data = response.json(){
"message": "Number of exposed secrets that have been added/removed to the blacklist: [NUMBER]"
}Adds or Removes an Exposed Secret Hash from the Whitelist to Mark the Secret as a True One
https://api.entro.security/v1/exposed-secret/{EXP_GUID}/whitelistAuthorizations
AuthorizationstringRequiredPath parameters
EXP_GUIDstringRequiredThe exposed secret guid
Query parameters
actionstring · enumRequiredDetermines the operation
Responses
/v1/exposed-secret/{EXP_GUID}/whitelist?action=addPATCH /v1/exposed-secret/{EXP_GUID}/whitelist?action=add HTTP/1.1
Host: api.entro.security
Authorization: YOUR_API_KEY
Accept: */*curl -L \
--request PATCH \
--url 'https://api.entro.security/v1/exposed-secret/{EXP_GUID}/whitelist' \
--header 'Authorization: YOUR_API_KEY' \
--header 'Accept: */*'const response = await fetch('https://api.entro.security/v1/exposed-secret/{EXP_GUID}/whitelist', {
method: 'PATCH',
headers: {
"Authorization": "YOUR_API_KEY",
"Accept": "*/*"
},
});
const data = await response.json();import requests
response = requests.patch(
"https://api.entro.security/v1/exposed-secret/{EXP_GUID}/whitelist",
headers={"Authorization":"YOUR_API_KEY","Accept":"*/*"},
)
data = response.json(){
"message": "Number of exposed secrets that have been added/removed to the whitelist: [NUMBER]"
}