List Scans

client.VulnerabilityScanner.Scans.List(ctx, params) (*V4PagePaginationArray[ScanListResponse], error)

GET/accounts/{account_id}/vuln_scanner/scans

Returns all scans for the account.

Security

API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY

API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194

ParametersExpand Collapse

params ScanListParams

AccountID param.Field[string]Optional

Path param: Identifier.

maxLength32

Page param.Field[int64]Optional

Query param: Page number of paginated results.

minimum1

PerPage param.Field[int64]Optional

Query param: Number of results per page.

maximum50

minimum5

ReturnsExpand Collapse

type ScanListResponse struct{…}

ID string

Scan identifier.

formatuuid

ScanType ScanListResponseScanType

The type of vulnerability scan.

Status ScanListResponseStatus

Current lifecycle status of the scan.

One of the following:

const ScanListResponseStatusCreated ScanListResponseStatus = "created"

const ScanListResponseStatusScheduled ScanListResponseStatus = "scheduled"

const ScanListResponseStatusPlanning ScanListResponseStatus = "planning"

const ScanListResponseStatusRunning ScanListResponseStatus = "running"

const ScanListResponseStatusFinished ScanListResponseStatus = "finished"

const ScanListResponseStatusFailed ScanListResponseStatus = "failed"

TargetEnvironmentID string

The target environment this scan runs against.

formatuuid

Report ScanListResponseReportOptional

Vulnerability report produced after the scan completes. The shape depends on the scan type. Present only for finished scans.

Report ScanListResponseReportReport

Version 1 of the BOLA vulnerability scan report.

Summary ScanListResponseReportReportSummary

Summary of all steps and findings.

Verdict ScanListResponseReportReportSummaryVerdict

Overall verdict of the vulnerability scan.

One of the following:

const ScanListResponseReportReportSummaryVerdictOk ScanListResponseReportReportSummaryVerdict = "ok"

const ScanListResponseReportReportSummaryVerdictWarning ScanListResponseReportReportSummaryVerdict = "warning"

const ScanListResponseReportReportSummaryVerdictInconclusive ScanListResponseReportReportSummaryVerdict = "inconclusive"

Tests []ScanListResponseReportReportTest

List of tests that were run.

Steps []ScanListResponseReportReportTestsStep

Steps that were executed.

Assertions []ScanListResponseReportReportTestsStepsAssertion

Assertions that were made against the received response.

Description string

Human-readable description of the assertion, explaining what was checked.

Kind ScanListResponseReportReportTestsStepsAssertionsKind

Kind of assertion.

Parameters ScanListResponseReportReportTestsStepsAssertionsKindParameters

Range of HTTP status codes.

Max int64

Maximum (inclusive) status code of the range.

maximum65535

minimum0

Min int64

Minimum (inclusive) status code of the range.

maximum65535

minimum0

Type ScanListResponseReportReportTestsStepsAssertionsKindType

Observed int64

Observed value on which the assertion was made.

Outcome ScanListResponseReportReportTestsStepsAssertionsOutcome

Outcome of the assertion.

One of the following:

const ScanListResponseReportReportTestsStepsAssertionsOutcomeOk ScanListResponseReportReportTestsStepsAssertionsOutcome = "ok"

const ScanListResponseReportReportTestsStepsAssertionsOutcomeFail ScanListResponseReportReportTestsStepsAssertionsOutcome = "fail"

const ScanListResponseReportReportTestsStepsAssertionsOutcomeInconclusive ScanListResponseReportReportTestsStepsAssertionsOutcome = "inconclusive"

Errors []ScanListResponseReportReportTestsStepsErrorOptional

Errors the step encountered that may explain absent or incomplete fields.

Description string

Human-readable error description.

ErrorCode int64Optional

Numeric error code identifying the class of error, if available.

formatuint32

minimum0

Request ScanListResponseReportReportTestsStepsRequestOptional

HTTP request that was made, if any.

CredentialSet ScanListResponseReportReportTestsStepsRequestCredentialSet

Credential set that was used.

ID string

ID of the credential set.

formatuuid

Role ScanListResponseReportReportTestsStepsRequestCredentialSetRole

Role of the credential set.

One of the following:

const ScanListResponseReportReportTestsStepsRequestCredentialSetRoleOwner ScanListResponseReportReportTestsStepsRequestCredentialSetRole = "owner"

const ScanListResponseReportReportTestsStepsRequestCredentialSetRoleAttacker ScanListResponseReportReportTestsStepsRequestCredentialSetRole = "attacker"

HeaderNames []string

Names of headers that were sent.

Method ScanListResponseReportReportTestsStepsRequestMethod

HTTP method.

One of the following:

const ScanListResponseReportReportTestsStepsRequestMethodGet ScanListResponseReportReportTestsStepsRequestMethod = "GET"

const ScanListResponseReportReportTestsStepsRequestMethodDelete ScanListResponseReportReportTestsStepsRequestMethod = "DELETE"

const ScanListResponseReportReportTestsStepsRequestMethodPatch ScanListResponseReportReportTestsStepsRequestMethod = "PATCH"

const ScanListResponseReportReportTestsStepsRequestMethodPost ScanListResponseReportReportTestsStepsRequestMethod = "POST"

const ScanListResponseReportReportTestsStepsRequestMethodPut ScanListResponseReportReportTestsStepsRequestMethod = "PUT"

URL string

Exact and full URL (including host, query parameters) that was requested.

formaturi

VariableCaptures []ScanListResponseReportReportTestsStepsRequestVariableCapture

Variable captures requested for this step.

JsonPath string

JSONPath expression used for capture, e.g. "$.id".

Name string

Variable name, e.g. "resource_id".

Body unknownOptional

Request body, if any.

Response ScanListResponseReportReportTestsStepsResponseOptional

HTTP response that was received, if any.

Body ScanListResponseReportReportTestsStepsResponseBody

HTTP response body.

One of the following:

type ScanListResponseReportReportTestsStepsResponseBodyKind struct{…}

No body was received.

Kind ScanListResponseReportReportTestsStepsResponseBodyKindKind

type ScanListResponseReportReportTestsStepsResponseBodyObject struct{…}

Body received but unable to read as UTF-8. Raw bytes, base64-encoded.

Contents string

Kind ScanListResponseReportReportTestsStepsResponseBodyObjectKind

Truncated bool

type ScanListResponseReportReportTestsStepsResponseBodyObject struct{…}

Body received as valid UTF-8 text but not valid JSON.

Contents string

Kind ScanListResponseReportReportTestsStepsResponseBodyObjectKind

Truncated bool

type ScanListResponseReportReportTestsStepsResponseBodyObject struct{…}

Body received as valid JSON.

Contents string

Kind ScanListResponseReportReportTestsStepsResponseBodyObjectKind

Truncated bool

HeaderNames []string

Names of headers that were received.

Status int64

HTTP status code.

maximum65535

minimum0

StatusText stringOptional

HTTP status text, if available for the status code.

Verdict ScanListResponseReportReportTestsVerdict

Verdict of this single test.

One of the following:

const ScanListResponseReportReportTestsVerdictOk ScanListResponseReportReportTestsVerdict = "ok"

const ScanListResponseReportReportTestsVerdictWarning ScanListResponseReportReportTestsVerdict = "warning"

const ScanListResponseReportReportTestsVerdictInconclusive ScanListResponseReportReportTestsVerdict = "inconclusive"

PreflightErrors []ScanListResponseReportReportTestsPreflightErrorOptional

Errors that prevented step execution.

Description string

Human-readable error description.

ErrorCode int64Optional

Numeric error code identifying the class of error, if available.

formatuint32

minimum0

ReportSchemaVersion ScanListResponseReportReportSchemaVersion

Version of the report schema.

List Scans

package main

import (
  "context"
  "fmt"

  "github.com/cloudflare/cloudflare-go"
  "github.com/cloudflare/cloudflare-go/option"
  "github.com/cloudflare/cloudflare-go/vulnerability_scanner"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  page, err := client.VulnerabilityScanner.Scans.List(context.TODO(), vulnerability_scanner.ScanListParams{
    AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
  })
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", page)
}

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
      "scan_type": "bola",
      "status": "created",
      "target_environment_id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
      "report": {
        "report": {
          "summary": {
            "verdict": "ok"
          },
          "tests": [
            {
              "steps": [
                {
                  "assertions": [
                    {
                      "description": "description",
                      "kind": {
                        "parameters": {
                          "max": 0,
                          "min": 0
                        },
                        "type": "http_status_within_range"
                      },
                      "observed": 0,
                      "outcome": "ok"
                    }
                  ],
                  "errors": [
                    {
                      "description": "description",
                      "error_code": 0
                    }
                  ],
                  "request": {
                    "credential_set": {
                      "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
                      "role": "owner"
                    },
                    "header_names": [
                      "string"
                    ],
                    "method": "GET",
                    "url": "https://example.com",
                    "variable_captures": [
                      {
                        "json_path": "json_path",
                        "name": "name"
                      }
                    ],
                    "body": {}
                  },
                  "response": {
                    "body": {
                      "kind": "not_found"
                    },
                    "header_names": [
                      "string"
                    ],
                    "status": 0,
                    "status_text": "status_text"
                  }
                }
              ],
              "verdict": "ok",
              "preflight_errors": [
                {
                  "description": "description",
                  "error_code": 0
                }
              ]
            }
          ]
        },
        "report_schema_version": "v1"
      }
    }
  ],
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000,
    "total_pages": 100
  }
}

Returns Examples

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "success": true,
  "result": [
    {
      "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
      "scan_type": "bola",
      "status": "created",
      "target_environment_id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
      "report": {
        "report": {
          "summary": {
            "verdict": "ok"
          },
          "tests": [
            {
              "steps": [
                {
                  "assertions": [
                    {
                      "description": "description",
                      "kind": {
                        "parameters": {
                          "max": 0,
                          "min": 0
                        },
                        "type": "http_status_within_range"
                      },
                      "observed": 0,
                      "outcome": "ok"
                    }
                  ],
                  "errors": [
                    {
                      "description": "description",
                      "error_code": 0
                    }
                  ],
                  "request": {
                    "credential_set": {
                      "id": "182bd5e5-6e1a-4fe4-a799-aa6d9a6ab26e",
                      "role": "owner"
                    },
                    "header_names": [
                      "string"
                    ],
                    "method": "GET",
                    "url": "https://example.com",
                    "variable_captures": [
                      {
                        "json_path": "json_path",
                        "name": "name"
                      }
                    ],
                    "body": {}
                  },
                  "response": {
                    "body": {
                      "kind": "not_found"
                    },
                    "header_names": [
                      "string"
                    ],
                    "status": 0,
                    "status_text": "status_text"
                  }
                }
              ],
              "verdict": "ok",
              "preflight_errors": [
                {
                  "description": "description",
                  "error_code": 0
                }
              ]
            }
          ]
        },
        "report_schema_version": "v1"
      }
    }
  ],
  "result_info": {
    "count": 1,
    "page": 1,
    "per_page": 20,
    "total_count": 2000,
    "total_pages": 100
  }
}