Assign or unassign security findings

v2 (latest)

Note: This endpoint is in preview and is subject to change. If you have any feedback, contact Datadog support.

PATCH https://api.ap1.datadoghq.com/api/v2/security/findings/assigneehttps://api.ap2.datadoghq.com/api/v2/security/findings/assigneehttps://api.datadoghq.eu/api/v2/security/findings/assigneehttps://api.ddog-gov.com/api/v2/security/findings/assigneehttps://api.us2.ddog-gov.com/api/v2/security/findings/assigneehttps://api.datadoghq.com/api/v2/security/findings/assigneehttps://api.us3.datadoghq.com/api/v2/security/findings/assigneehttps://api.us5.datadoghq.com/api/v2/security/findings/assignee

Overview

Assign or unassign security findings. You can assign up to 100 security findings per request. Set assignee_id to the unique identifier of the Datadog user you want to assign the findings to. Omit assignee_id (or set it to null) to unassign the findings. Per-finding warnings and failures are returned in the response meta object. This endpoint requires any of the following permissions:

security_monitoring_findings_write

appsec_vm_write

Request

Body Data (required)

Expand All

Field

Type

Description

data [required]

object

Data of the assignee request.

{
  "data": {
    "attributes": {
      "assignee_id": "f315bdaf-9ee7-4808-a9c1-99c15bf0f4d0"
    },
    "id": "00000000-0000-0000-0000-000000000001",
    "relationships": {
      "findings": {
        "data": [
          {
            "id": "ZGVmLTAwcC1pZXJ-aS0wZjhjNjMyZDNmMzRlZTgzNw==",
            "type": "findings"
          }
        ]
      }
    },
    "type": "assignee"
  }
}

Response

Accepted

Response for the assign or unassign request.

Expand All

Field

Type

Description

data [required]

object

Data of the assignee response.

meta

object

Per-finding warnings and failures produced while processing the bulk assignee request.

{
  "data": {
    "attributes": {
      "assignee_id": "f315bdaf-9ee7-4808-a9c1-99c15bf0f4d0"
    },
    "id": "00000000-0000-0000-0000-000000000001",
    "type": "assignee"
  },
  "meta": {
    "failures": [
      {
        "detail": "failed to update finding assignee",
        "finding_id": "ZGVmLTAwcC1pZXJ-aS0wZjhjNjMyZDNmMzRlZTgzNw==",
        "status": 500,
        "title": "Internal Server Error"
      }
    ],
    "warnings": [
      {
        "detail": "failed to update finding assignee",
        "finding_id": "ZGVmLTAwcC1pZXJ-aS0wZjhjNjMyZDNmMzRlZTgzNw==",
        "status": 500,
        "title": "Internal Server Error"
      }
    ]
  }
}

Bad Request

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Not Found

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  ## default
# 

# Curl command
curl -X PATCH "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/security/findings/assignee" \
-H "Accept: application/json" \
-H "Content-Type: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}" \
-d @- << EOF
{
  "data": {
    "attributes": {
      "assignee_id": "f315bdaf-9ee7-4808-a9c1-99c15bf0f4d0"
    },
    "id": "00000000-0000-0000-0000-000000000001",
    "relationships": {
      "findings": {
        "data": [
          {
            "id": "ZGVmLTAwcC1pZXJ-aS0wZjhjNjMyZDNmMzRlZTgzNw==",
            "type": "findings"
          }
        ]
      }
    },
    "type": "assignee"
  }
}
EOF

                

Assign or unassign security findings

Overview

Request

Body Data (required)

Response

Code Example

Assign or unassign security findings

How can I help you today?