Skip to content
Start here

Casb

CasbApplications

List applications
client.zeroTrust.casb.applications.list(ApplicationListParams { account_id, environment } params, RequestOptionsoptions?): ApplicationListResponse { auth_methods, category, description, 7 more }
GET/accounts/{account_id}/one/applications
Get application details
client.zeroTrust.casb.applications.get("GITHUB" | "GOOGLE_WORKSPACE" | "MICROSOFT_INTERNAL" | 2 moreslug, ApplicationGetParams { account_id } params, RequestOptionsoptions?): ApplicationGetResponse { auth_methods, category, description, 6 more }
GET/accounts/{account_id}/one/applications/{slug}
ModelsExpand Collapse
ApplicationListResponse = Array<ApplicationListResponseItem>
auth_methods: Array<AuthMethod>

Available auth methods.

display_name: string

Human-readable auth method name.

slug: string

Auth method identifier.

category: string

Vendor category (e.g. Productivity, AI).

description: string

Brief description of the integration.

display_name: string

Human-readable vendor name.

dlp_enabled: boolean

Whether DLP scanning is supported.

permissions: Array<Permission>

All permissions with severity.

display_name: string

Human-readable permission name.

scope: string

Vendor-native scope identifier.

severity: "low" | "medium" | "high" | "critical"

Permission sensitivity level.

  • low - low
  • medium - medium
  • high - high
  • critical - critical
One of the following:
"low"
"medium"
"high"
"critical"
slug: "GITHUB" | "GOOGLE_WORKSPACE" | "MICROSOFT_INTERNAL" | 2 more

Vendor identifier (e.g. microsoft_internal, google_workspace).

  • GITHUB - GITHUB
  • GOOGLE_WORKSPACE - GOOGLE_WORKSPACE
  • MICROSOFT_INTERNAL - MICROSOFT_INTERNAL
  • SALESFORCE - SALESFORCE
  • SLACK - SLACK
One of the following:
"GITHUB"
"GOOGLE_WORKSPACE"
"MICROSOFT_INTERNAL"
"SALESFORCE"
"SLACK"
supported_environments: Array<string>

Environments this vendor supports (standard, fedramp).

use_cases: Array<UseCase>

Supported use cases.

display_name: string

Human-readable use case name.

slug: string

Use case identifier (e.g. casb, ces).

ApplicationGetResponse { auth_methods, category, description, 6 more }

Full application detail for onboarding UI.

auth_methods: Array<AuthMethod>

Available authentication methods.

display_name: string

Human-readable auth method name.

is_default: boolean

Whether this is the default auth method.

slug: string

Auth method identifier.

supported_environments: Array<string>

Environments this auth method supports.

category: string

Vendor category.

description: string

Brief description.

display_name: string

Human-readable vendor name.

dlp_enabled: boolean

Whether DLP scanning is supported.

instructions: string | null

Setup instructions for the user.

slug: "GITHUB" | "GOOGLE_WORKSPACE" | "MICROSOFT_INTERNAL" | 2 more

Vendor identifier.

  • GITHUB - GITHUB
  • GOOGLE_WORKSPACE - GOOGLE_WORKSPACE
  • MICROSOFT_INTERNAL - MICROSOFT_INTERNAL
  • SALESFORCE - SALESFORCE
  • SLACK - SLACK
One of the following:
"GITHUB"
"GOOGLE_WORKSPACE"
"MICROSOFT_INTERNAL"
"SALESFORCE"
"SLACK"
use_cases: Array<UseCase>

Use cases with full scope details.

base_scopes: Array<BaseScope>

Scopes always required for this use case.

display_name: string

Human-readable permission name.

scope: string

Vendor-native scope identifier.

severity: "low" | "medium" | "high" | "critical"

Permission sensitivity level.

  • low - low
  • medium - medium
  • high - high
  • critical - critical
One of the following:
"low"
"medium"
"high"
"critical"
description: string

Use case description.

display_name: string

Human-readable use case name.

features: Array<Feature>

Optional features with extra scopes.

description: string

Feature description.

display_name: string

Human-readable feature name.

scopes: Array<Scope>

Additional scopes when feature is enabled.

display_name: string

Human-readable permission name.

scope: string

Vendor-native scope identifier.

severity: "low" | "medium" | "high" | "critical"

Permission sensitivity level.

  • low - low
  • medium - medium
  • high - high
  • critical - critical
One of the following:
"low"
"medium"
"high"
"critical"
slug: string

Feature identifier.

slug: string

Use case identifier.

CasbApplicationsSetup Flows

Get application setup flows
client.zeroTrust.casb.applications.setupFlows.list(stringslug, SetupFlowListParams { account_id, auth_method, environment } params, RequestOptionsoptions?): SetupFlowListResponse { id, default, description, 4 more }
GET/accounts/{account_id}/one/applications/{slug}/setup-flows
ModelsExpand Collapse
SetupFlowListResponse = Array<SetupFlowListResponseItem>
id: string

Setup flow identifier.

default: boolean

Whether this is the default auth method.

description: string

Flow description.

name: string

Human-readable flow name.

steps: Array<Step>

Ordered list of setup steps.

type: "component" | "instruction" | "form_input" | "oauth_redirect"

Step type.

  • component - component
  • instruction - instruction
  • form_input - form_input
  • oauth_redirect - oauth_redirect
One of the following:
"component"
"instruction"
"form_input"
"oauth_redirect"
component_id?: string | null

Component identifier (for component type).

description?: string | null

Step description with markdown support.

dynamic_content?: Array<DynamicContent> | null

Dynamic content blocks (for instruction/form_input).

label: string

Display label.

type: "copy_block" | "external_link"

Content type.

  • copy_block - copy_block
  • external_link - external_link
One of the following:
"copy_block"
"external_link"
url_template?: string | null

URL template with {{ variable }} interpolation (for external_link).

value_from?: string | null

Field path to get value from (for copy_block).

form_fields?: Array<FormField>

Form fields (for form_input).

label: string

Human-readable field label.

name: string

Field identifier (maps to credentials key).

placeholder: string | null

Placeholder text.

required: boolean

Whether field is required.

supported_file_types: Array<string> | null

Allowed file extensions for file_upload type.

type: "text" | "password" | "email" | "file_upload"

Field input type.

  • text - text
  • password - password
  • email - email
  • file_upload - file_upload
One of the following:
"text"
"password"
"email"
"file_upload"
is_required?: boolean

Whether step is required (for form_input).

parameters?: Record<string, string> | null

Component parameters (for component type).

title?: string

Step title (for instruction/form_input/oauth_redirect).

supported_environments: Array<string>

Environments this auth method supports (standard, fedramp).

auth_config?: AuthConfig { authorization_url, client_id, requires_pkce, 2 more }

OAuth configuration (present for OAuth-based flows).

authorization_url: string | null

Authorization URL for the requested environment.

client_id: string | null

OAuth client ID.

requires_pkce: boolean

Whether PKCE is required.

scopes: Array<string>

OAuth scopes to request.

url_placeholders: Array<string>

Placeholders in authorization URL that frontend must fill.

CasbIntegrations

List integrations
client.zeroTrust.casb.integrations.list(IntegrationListParams { account_id, application, direction, 7 more } params, RequestOptionsoptions?): IntegrationListResponse
GET/accounts/{account_id}/one/integrations
Get integration details
client.zeroTrust.casb.integrations.get(stringid, IntegrationGetParams { account_id } params, RequestOptionsoptions?): IntegrationGetResponse { id, application, auth_method, 12 more }
GET/accounts/{account_id}/one/integrations/{id}
Create integration
client.zeroTrust.casb.integrations.create(IntegrationCreateParams { account_id, application, credentials, 5 more } params, RequestOptionsoptions?): IntegrationCreateResponse { id, application, auth_method, 12 more }
POST/accounts/{account_id}/one/integrations
Update integration
client.zeroTrust.casb.integrations.update(stringid, IntegrationUpdateParams { account_id, credentials, dlp_profiles, 3 more } params, RequestOptionsoptions?): IntegrationUpdateResponse { id, application, auth_method, 12 more }
PATCH/accounts/{account_id}/one/integrations/{id}
Delete integration
client.zeroTrust.casb.integrations.delete(stringid, IntegrationDeleteParams { account_id } params, RequestOptionsoptions?): void
DELETE/accounts/{account_id}/one/integrations/{id}
Pause integration
client.zeroTrust.casb.integrations.pause(stringid, IntegrationPauseParams { account_id } params, RequestOptionsoptions?): IntegrationPauseResponse { id, application, auth_method, 12 more }
POST/accounts/{account_id}/one/integrations/{id}/pause
Resume integration
client.zeroTrust.casb.integrations.resume(stringid, IntegrationResumeParams { account_id } params, RequestOptionsoptions?): IntegrationResumeResponse { id, application, auth_method, 12 more }
POST/accounts/{account_id}/one/integrations/{id}/resume
ModelsExpand Collapse
IntegrationListResponse = unknown
IntegrationGetResponse { id, application, auth_method, 12 more }

Serializer for v2 integration detail response with use cases.

id: string

Integration ID.

formatuuid
application: Record<string, string | null>
auth_method: Record<string, string> | null

The integration’s authentication method.

created: string

When the integration was created.

formatdate-time
credentials_expiry: string

Credentials expiry time.

formatdate-time
dlp_profiles: Array<string>

DLP Profiles enabled for the integration.

health_details: Array<Record<string, unknown>>

Health details with remediation hints.

is_paused: boolean

Whether the user paused the integration.

last_hydrated: string

Last time the integration was hydrated.

formatdate-time
name: string

Name of the integration.

organization_id: number

Organization ID.

status: string

Integration status.

updated: string

When the integration was last updated.

formatdate-time
use_cases: Array<Record<string, unknown>>

Use cases enabled for the integration.

IntegrationCreateResponse { id, application, auth_method, 12 more }

Serializer for v2 integration detail response with use cases.

id: string

Integration ID.

formatuuid
application: Record<string, string | null>
auth_method: Record<string, string> | null

The integration’s authentication method.

created: string

When the integration was created.

formatdate-time
credentials_expiry: string

Credentials expiry time.

formatdate-time
dlp_profiles: Array<string>

DLP Profiles enabled for the integration.

health_details: Array<Record<string, unknown>>

Health details with remediation hints.

is_paused: boolean

Whether the user paused the integration.

last_hydrated: string

Last time the integration was hydrated.

formatdate-time
name: string

Name of the integration.

organization_id: number

Organization ID.

status: string

Integration status.

updated: string

When the integration was last updated.

formatdate-time
use_cases: Array<Record<string, unknown>>

Use cases enabled for the integration.

IntegrationUpdateResponse { id, application, auth_method, 12 more }

Serializer for v2 integration detail response with use cases.

id: string

Integration ID.

formatuuid
application: Record<string, string | null>
auth_method: Record<string, string> | null

The integration’s authentication method.

created: string

When the integration was created.

formatdate-time
credentials_expiry: string

Credentials expiry time.

formatdate-time
dlp_profiles: Array<string>

DLP Profiles enabled for the integration.

health_details: Array<Record<string, unknown>>

Health details with remediation hints.

is_paused: boolean

Whether the user paused the integration.

last_hydrated: string

Last time the integration was hydrated.

formatdate-time
name: string

Name of the integration.

organization_id: number

Organization ID.

status: string

Integration status.

updated: string

When the integration was last updated.

formatdate-time
use_cases: Array<Record<string, unknown>>

Use cases enabled for the integration.

IntegrationPauseResponse { id, application, auth_method, 12 more }

Serializer for v2 integration detail response with use cases.

id: string

Integration ID.

formatuuid
application: Record<string, string | null>
auth_method: Record<string, string> | null

The integration’s authentication method.

created: string

When the integration was created.

formatdate-time
credentials_expiry: string

Credentials expiry time.

formatdate-time
dlp_profiles: Array<string>

DLP Profiles enabled for the integration.

health_details: Array<Record<string, unknown>>

Health details with remediation hints.

is_paused: boolean

Whether the user paused the integration.

last_hydrated: string

Last time the integration was hydrated.

formatdate-time
name: string

Name of the integration.

organization_id: number

Organization ID.

status: string

Integration status.

updated: string

When the integration was last updated.

formatdate-time
use_cases: Array<Record<string, unknown>>

Use cases enabled for the integration.

IntegrationResumeResponse { id, application, auth_method, 12 more }

Serializer for v2 integration detail response with use cases.

id: string

Integration ID.

formatuuid
application: Record<string, string | null>
auth_method: Record<string, string> | null

The integration’s authentication method.

created: string

When the integration was created.

formatdate-time
credentials_expiry: string

Credentials expiry time.

formatdate-time
dlp_profiles: Array<string>

DLP Profiles enabled for the integration.

health_details: Array<Record<string, unknown>>

Health details with remediation hints.

is_paused: boolean

Whether the user paused the integration.

last_hydrated: string

Last time the integration was hydrated.

formatdate-time
name: string

Name of the integration.

organization_id: number

Organization ID.

status: string

Integration status.

updated: string

When the integration was last updated.

formatdate-time
use_cases: Array<Record<string, unknown>>

Use cases enabled for the integration.