For AI agents: A markdown version of this page is available at https://docs.datadoghq.com/security/application_security/api_posture/api_inventory.md. A documentation index is available at /llms.txt.

API Inventory

This product is not supported for your selected Datadog site. ().

API Inventory is a continuously updated catalog of the API endpoints and services API Posture discovers across your environment. It shows security context for each endpoint, such as authentication status, public exposure, sensitive data flows, and associated findings.

Inventory consists of two explorers:

  • API Endpoints: The API Endpoints explorer catalogs your individual endpoints, surfacing shadow APIs (undocumented endpoints with no API definition and not detected from Amazon API Gateway) and orphan APIs (documented endpoints without traffic), and helps you prioritize the endpoints most at risk.
  • Services: The Services explorer aggregates findings, vulnerabilities, and runtime signals by service, so you can assess each service’s risk and security coverage.

To detect and respond to weaknesses, attacks, or misconfigurations on these endpoints, use API Findings. In the API Endpoints explorer, each row displays a findings chip that opens the related finding in API Findings.

Further reading

Additional helpful documentation, links, and articles:

Mitigate the primary API security risksBLOG more more