Skip to main content
PATCH
/
v2
/
findings
/
{id}
Update finding user status
curl --request PATCH \
  --url https://api.ghostsecurity.ai/v2/findings/{id} \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "comments": "Confirmed with team, real issue",
  "project_id": "yhD3A3O2IZY",
  "repo_id": "08PB3zptlr8",
  "user_status": "active"
}
'
{
  "agent": {
    "custom_agent_vector_id": "<string>",
    "description": "<string>",
    "name": "<string>",
    "vector": "<string>"
  },
  "comments": "<string>",
  "created_at": "<string>",
  "details": {
    "code": "<string>",
    "description": "<string>",
    "endpoint_locations": [
      {
        "action": "<string>",
        "path": "<string>",
        "type": "<string>"
      }
    ],
    "exploit_feasibility": "<string>",
    "exploit_walkthrough": "<string>",
    "fixed_code": "<string>",
    "location": {
      "class_name": "<string>",
      "file_path": "<string>",
      "function_signature": "<string>",
      "hash": "<string>",
      "line_number": 123,
      "method_name": "<string>",
      "url": "<string>"
    },
    "remediation": "<string>",
    "remediation_effort": "<string>",
    "severity": "<string>",
    "supporting_files": [
      {
        "class_name": "<string>",
        "file_path": "<string>",
        "function_signature": "<string>",
        "hash": "<string>",
        "line_number": 123,
        "method_name": "<string>",
        "url": "<string>"
      }
    ],
    "title": "<string>",
    "validation_evidence": [
      {
        "criteria": "<string>",
        "rationale": "<string>"
      }
    ]
  },
  "id": "<string>",
  "organization_id": "<string>",
  "project": {
    "context": {
      "business_criticality": "<string>",
      "deployment": "<string>",
      "exposure": "<string>",
      "owner": "<string>",
      "sensitive_data_types": [
        "<string>"
      ]
    },
    "id": "<string>",
    "name": "<string>",
    "purpose": "<string>"
  },
  "repo": {
    "id": "<string>",
    "name": "<string>",
    "provider": "<string>",
    "url": "<string>"
  },
  "scan_details": {
    "analyzed_at": "<string>",
    "rejected_at": "<string>",
    "scan_id": "<string>",
    "verified_at": "<string>"
  },
  "status": "<string>",
  "updated_at": "<string>",
  "user_status": "<string>"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

id
string
required

Repository ID

project_id
string
required

Project ID

finding_id
string
required

Finding ID

Body

application/json

Finding status update data

Finding user status update request

comments
string

Triage comments for the finding

Example:

"Confirmed with team, real issue"

project_id
string
Example:

"yhD3A3O2IZY"

repo_id
string

Optional organization and project IDs for v2 API compatibility

Example:

"08PB3zptlr8"

user_status
enum<string>

The new user status for the finding

Available options:
open,
active,
muted
Example:

"active"

Response

OK

agent
object

Finding Agent details

comments
string
created_at
string
details
object

Finding Details

id
string
organization_id
string
project
object
repo
object

Repo and project details

scan_details
object

Scan details

status
string

Status and timestamps

updated_at
string
user_status
string