---
title: Get Application Security details for a service
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: Docs > API Reference > Application Security
---

# Get Application Security details for a service{% #get-application-security-details-for-a-service %}
Copy pageCopied
{% tab title="v2" %}
**Note**: This endpoint is in preview and is subject to change. If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).
| Datadog site      | API endpoint                                                                    |
| ----------------- | ------------------------------------------------------------------------------- |
| ap1.datadoghq.com | GET https://api.ap1.datadoghq.com/api/v2/security/asm/services/{service_filter} |
| ap2.datadoghq.com | GET https://api.ap2.datadoghq.com/api/v2/security/asm/services/{service_filter} |
| app.datadoghq.eu  | GET https://api.datadoghq.eu/api/v2/security/asm/services/{service_filter}      |
| app.ddog-gov.com  | GET https://api.ddog-gov.com/api/v2/security/asm/services/{service_filter}      |
| us2.ddog-gov.com  | GET https://api.us2.ddog-gov.com/api/v2/security/asm/services/{service_filter}  |
| uk1.datadoghq.com | GET https://api.uk1.datadoghq.com/api/v2/security/asm/services/{service_filter} |
| app.datadoghq.com | GET https://api.datadoghq.com/api/v2/security/asm/services/{service_filter}     |
| us3.datadoghq.com | GET https://api.us3.datadoghq.com/api/v2/security/asm/services/{service_filter} |
| us5.datadoghq.com | GET https://api.us5.datadoghq.com/api/v2/security/asm/services/{service_filter} |

### Overview

Retrieve Application Security details for services matching the given name. Returns Application Security activation, compatibility, and product enablement information for each matching `(service, environment)` pair, along with a count of services that have Application Security Management (Threats) enabled. This endpoint requires any of the following permissions:
`apm_service_catalog_read``appsec_protect_read``apm_read` 


### Arguments

#### Path Parameters

| Name                             | Type   | Description                                                                                                              |
| -------------------------------- | ------ | ------------------------------------------------------------------------------------------------------------------------ |
| service_filter [*required*] | string | The name of the service to retrieve Application Security details for. Returns all matching services across environments. |

### Response

{% tab title="200" %}
OK
{% tab title="Model" %}
Response object containing the list of services matching the requested name.

| Parent field | Field                                                | Type      | Description                                                                                            |
| ------------ | ---------------------------------------------------- | --------- | ------------------------------------------------------------------------------------------------------ |
|              | data [*required*]                               | [object]  | The list of services matching the requested name.                                                      |
| data         | attributes [*required*]                         | object    | Application Security details describing a service in a given environment.                              |
| attributes   | agent_versions [*required*]                     | [string]  | The Datadog Agent versions reporting for the service.                                                  |
| attributes   | app_type [*required*]                           | string    | The application type of the service, such as `web` or `serverless`.                                    |
| attributes   | asm_threat_compatible [*required*]              | boolean   | Whether the service is compatible with Application Security Management (Threats).                      |
| attributes   | backend_waf_event_count [*required*]            | int64     | The number of backend WAF events detected for the service.                                             |
| attributes   | business_logic [*required*]                     | [string]  | The enabled business logic detection rules for the service.                                            |
| attributes   | color [*required*]                              | string    | **DEPRECATED**: Deprecated: a display color associated with the service in the UI.                     |
| attributes   | env [*required*]                                | string    | The environment the service runs in.                                                                   |
| attributes   | event_count [*required*]                        | int64     | The number of Application Security events detected for the service.                                    |
| attributes   | event_trend [*required*]                        | [integer] | **DEPRECATED**: Deprecated: the trend of Application Security events over time.                        |
| attributes   | has_appsec_enabled [*required*]                 | boolean   | Whether Application Security Management (Threats) is enabled for the service.                          |
| attributes   | hits [*required*]                               | int64     | **DEPRECATED**: Deprecated: the number of hits for the service.                                        |
| attributes   | iast_product_activation [*required*]            | boolean   | Whether Interactive Application Security Testing (IAST) is enabled for the service.                    |
| attributes   | iast_product_compatibility [*required*]         | string    | The Interactive Application Security Testing (IAST) compatibility status of the service.               |
| attributes   | iast_product_compatibility_reasons [*required*] | [string]  | The reasons explaining the Interactive Application Security Testing (IAST) compatibility status.       |
| attributes   | languages [*required*]                          | [string]  | The programming languages detected for the service.                                                    |
| attributes   | last_ingested_spans [*required*]                | int64     | The Unix timestamp, in seconds, of the last ingested span for the service.                             |
| attributes   | rc_capabilities [*required*]                    | [string]  | The Remote Configuration capabilities reported by the service.                                         |
| attributes   | recommended_business_logic [*required*]         | [string]  | The recommended business logic detection rules for the service.                                        |
| attributes   | risk_product_activation [*required*]            | boolean   | Whether Software Composition Analysis (SCA) is enabled for the service.                                |
| attributes   | risk_product_compatibility [*required*]         | string    | The Software Composition Analysis (SCA) compatibility status of the service.                           |
| attributes   | risk_product_compatibility_reasons [*required*] | [string]  | The reasons explaining the Software Composition Analysis (SCA) compatibility status.                   |
| attributes   | rules_version [*required*]                      | [string]  | The WAF rules versions applied to the service.                                                         |
| attributes   | service [*required*]                            | string    | The name of the service.                                                                               |
| attributes   | signal_count [*required*]                       | int64     | **DEPRECATED**: Deprecated: the number of security signals for the service.                            |
| attributes   | signal_trend [*required*]                       | [integer] | **DEPRECATED**: Deprecated: the trend of security signals over time.                                   |
| attributes   | source [*required*]                             | [string]  | The data sources that contributed information about the service.                                       |
| attributes   | teams [*required*]                              | [string]  | The teams that own the service.                                                                        |
| attributes   | tracer_versions [*required*]                    | [string]  | The Datadog tracing library versions reporting for the service.                                        |
| attributes   | vm-activation [*required*]                      | string    | The Vulnerability Management activation status of the service.                                         |
| attributes   | vuln_critical_count [*required*]                | int64     | **DEPRECATED**: Deprecated: the number of critical-severity vulnerabilities for the service.           |
| attributes   | vuln_high_count [*required*]                    | int64     | **DEPRECATED**: Deprecated: the number of high-severity vulnerabilities for the service.               |
| attributes   | without_filter_services [*required*]            | int64     | The total number of services available without applying the service filter.                            |
| data         | id [*required*]                                 | string    | The unique identifier of the service, formatted as `<service>_<environment>`.                          |
| data         | type [*required*]                               | enum      | The type of the resource. The value should always be `service_env`. Allowed enum values: `service_env` |
|              | meta [*required*]                               | object    | Metadata returned alongside the list of services.                                                      |
| meta         | num_services_with_appsec [*required*]           | int64     | The number of services with Application Security Management (Threats) enabled.                         |

{% /tab %}

{% tab title="Example" %}

```json
{
  "data": [
    {
      "attributes": {
        "agent_versions": [
          "7.50.0"
        ],
        "app_type": "web",
        "asm_threat_compatible": true,
        "backend_waf_event_count": 10,
        "business_logic": [
          "users.login.success"
        ],
        "color": "",
        "env": "prod",
        "event_count": 42,
        "event_trend": [
          0
        ],
        "has_appsec_enabled": true,
        "hits": 0,
        "iast_product_activation": false,
        "iast_product_compatibility": "compatible",
        "iast_product_compatibility_reasons": [
          "service_not_compatible"
        ],
        "languages": [
          "go"
        ],
        "last_ingested_spans": 1610000000,
        "rc_capabilities": [
          "ASM_DD_RULES"
        ],
        "recommended_business_logic": [
          "users.login.success"
        ],
        "risk_product_activation": false,
        "risk_product_compatibility": "compatible",
        "risk_product_compatibility_reasons": [
          "service_not_compatible"
        ],
        "rules_version": [
          "1.13.0"
        ],
        "service": "web-store",
        "signal_count": 0,
        "signal_trend": [
          0
        ],
        "source": [
          "services-activity"
        ],
        "teams": [
          "security-team"
        ],
        "tracer_versions": [
          "1.60.0"
        ],
        "vm-activation": "enabled",
        "vuln_critical_count": 0,
        "vuln_high_count": 0,
        "without_filter_services": 0
      },
      "id": "web-store_prod",
      "type": "service_env"
    }
  ],
  "meta": {
    "num_services_with_appsec": 1
  }
}
```

{% /tab %}

{% /tab %}

{% tab title="403" %}
Not Authorized
{% tab title="Model" %}
API error response.

| Field                    | Type     | Description       |
| ------------------------ | -------- | ----------------- |
| errors [*required*] | [string] | A list of errors. |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    "Bad Request"
  ]
}
```

{% /tab %}

{% /tab %}

{% tab title="429" %}
Too many requests
{% tab title="Model" %}
API error response.

| Field                    | Type     | Description       |
| ------------------------ | -------- | ----------------- |
| errors [*required*] | [string] | A list of errors. |

{% /tab %}

{% tab title="Example" %}

```json
{
  "errors": [
    "Bad Request"
  ]
}
```

{% /tab %}

{% /tab %}

### Code Example

##### 
                  \# Path parameters export service_filter="web-store" \# Curl command curl -X GET "https://api.datadoghq.com/api/v2/security/asm/services/${service_filter}" \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" 
                
##### 

```python
"""
Get Application Security details for a service returns "OK" response
"""

from datadog_api_client import ApiClient, Configuration
from datadog_api_client.v2.api.application_security_api import ApplicationSecurityApi

configuration = Configuration()
configuration.unstable_operations["get_asm_service_by_name"] = True
with ApiClient(configuration) as api_client:
    api_instance = ApplicationSecurityApi(api_client)
    response = api_instance.get_asm_service_by_name(
        service_filter="service_filter",
    )

    print(response)
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=python) and then save the example to `example.py` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" python3 "example.py"
##### 

```ruby
# Get Application Security details for a service returns "OK" response

require "datadog_api_client"
DatadogAPIClient.configure do |config|
  config.unstable_operations["v2.get_asm_service_by_name".to_sym] = true
end
api_instance = DatadogAPIClient::V2::ApplicationSecurityAPI.new
p api_instance.get_asm_service_by_name("service_filter")
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=ruby) and then save the example to `example.rb` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" rb "example.rb"
##### 

```go
// Get Application Security details for a service returns "OK" response

package main

import (
	"context"
	"encoding/json"
	"fmt"
	"os"

	"github.com/DataDog/datadog-api-client-go/v2/api/datadog"
	"github.com/DataDog/datadog-api-client-go/v2/api/datadogV2"
)

func main() {
	ctx := datadog.NewDefaultContext(context.Background())
	configuration := datadog.NewConfiguration()
	configuration.SetUnstableOperationEnabled("v2.GetAsmServiceByName", true)
	apiClient := datadog.NewAPIClient(configuration)
	api := datadogV2.NewApplicationSecurityApi(apiClient)
	resp, r, err := api.GetAsmServiceByName(ctx, "service_filter")

	if err != nil {
		fmt.Fprintf(os.Stderr, "Error when calling `ApplicationSecurityApi.GetAsmServiceByName`: %v\n", err)
		fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
	}

	responseContent, _ := json.MarshalIndent(resp, "", "  ")
	fmt.Fprintf(os.Stdout, "Response from `ApplicationSecurityApi.GetAsmServiceByName`:\n%s\n", responseContent)
}
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=go) and then save the example to `main.go` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" go run "main.go"
##### 

```java
// Get Application Security details for a service returns "OK" response

import com.datadog.api.client.ApiClient;
import com.datadog.api.client.ApiException;
import com.datadog.api.client.v2.api.ApplicationSecurityApi;
import com.datadog.api.client.v2.model.ApplicationSecurityServicesResponse;

public class Example {
  public static void main(String[] args) {
    ApiClient defaultClient = ApiClient.getDefaultApiClient();
    defaultClient.setUnstableOperationEnabled("v2.getAsmServiceByName", true);
    ApplicationSecurityApi apiInstance = new ApplicationSecurityApi(defaultClient);

    try {
      ApplicationSecurityServicesResponse result = apiInstance.getAsmServiceByName("web-store");
      System.out.println(result);
    } catch (ApiException e) {
      System.err.println("Exception when calling ApplicationSecurityApi#getAsmServiceByName");
      System.err.println("Status code: " + e.getCode());
      System.err.println("Reason: " + e.getResponseBody());
      System.err.println("Response headers: " + e.getResponseHeaders());
      e.printStackTrace();
    }
  }
}
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=java) and then save the example to `Example.java` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" java "Example.java"
##### 

```rust
// Get Application Security details for a service returns "OK" response
use datadog_api_client::datadog;
use datadog_api_client::datadogV2::api_application_security::ApplicationSecurityAPI;

#[tokio::main]
async fn main() {
    let mut configuration = datadog::Configuration::new();
    configuration.set_unstable_operation_enabled("v2.GetAsmServiceByName", true);
    let api = ApplicationSecurityAPI::with_config(configuration);
    let resp = api
        .get_asm_service_by_name("service_filter".to_string())
        .await;
    if let Ok(value) = resp {
        println!("{:#?}", value);
    } else {
        println!("{:#?}", resp.unwrap_err());
    }
}
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=rust) and then save the example to `src/main.rs` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" cargo run
##### 

```typescript
/**
 * Get Application Security details for a service returns "OK" response
 */

import { client, v2 } from "@datadog/datadog-api-client";

const configuration = client.createConfiguration();
configuration.unstableOperations["v2.getAsmServiceByName"] = true;
const apiInstance = new v2.ApplicationSecurityApi(configuration);

const params: v2.ApplicationSecurityApiGetAsmServiceByNameRequest = {
  serviceFilter: "service_filter",
};

apiInstance
  .getAsmServiceByName(params)
  .then((data: v2.ApplicationSecurityServicesResponse) => {
    console.log(
      "API called successfully. Returned data: " + JSON.stringify(data)
    );
  })
  .catch((error: any) => console.error(error));
```

#### Instructions

First [install the library and its dependencies](https://docs.datadoghq.com/api/latest.md?code-lang=typescript) and then save the example to `example.ts` and run following commands:
    DD_SITE="datadoghq.com" DD_API_KEY="<API-KEY>" DD_APP_KEY="<APP-KEY>" tsc "example.ts"
{% /tab %}
