Skip to content
Start here

Casb

CasbApplications

List applications
GET/accounts/{account_id}/one/applications
Get application details
GET/accounts/{account_id}/one/applications/{slug}
ModelsExpand Collapse
ApplicationListResponse = array of object { auth_methods, category, description, 7 more }
auth_methods: array of object { display_name, slug }

Available auth methods.

display_name: string

Human-readable auth method name.

slug: string

Auth method identifier.

category: string

Vendor category (e.g. Productivity, AI).

description: string

Brief description of the integration.

display_name: string

Human-readable vendor name.

dlp_enabled: boolean

Whether DLP scanning is supported.

permissions: array of object { display_name, scope, severity }

All permissions with severity.

display_name: string

Human-readable permission name.

scope: string

Vendor-native scope identifier.

severity: "low" or "medium" or "high" or "critical"

Permission sensitivity level.

  • low - low
  • medium - medium
  • high - high
  • critical - critical
One of the following:
"low"
"medium"
"high"
"critical"
slug: "BOX" or "DROPBOX" or "GITHUB" or 4 more

Vendor identifier (e.g. microsoft_internal, google_workspace).

  • BOX - BOX
  • DROPBOX - DROPBOX
  • GITHUB - GITHUB
  • GOOGLE_WORKSPACE - GOOGLE_WORKSPACE
  • MICROSOFT_INTERNAL - MICROSOFT_INTERNAL
  • SALESFORCE - SALESFORCE
  • SLACK - SLACK
One of the following:
"BOX"
"DROPBOX"
"GITHUB"
"GOOGLE_WORKSPACE"
"MICROSOFT_INTERNAL"
"SALESFORCE"
"SLACK"
supported_environments: array of string

Environments this vendor supports (standard, fedramp).

use_cases: array of object { display_name, slug }

Supported use cases.

display_name: string

Human-readable use case name.

slug: string

Use case identifier (e.g. casb, ces).

ApplicationGetResponse object { auth_methods, category, description, 6 more }

Full application detail for onboarding UI.

auth_methods: array of object { display_name, is_default, slug, supported_environments }

Available authentication methods.

display_name: string

Human-readable auth method name.

is_default: boolean

Whether this is the default auth method.

slug: string

Auth method identifier.

supported_environments: array of string

Environments this auth method supports.

category: string

Vendor category.

description: string

Brief description.

display_name: string

Human-readable vendor name.

dlp_enabled: boolean

Whether DLP scanning is supported.

instructions: string

Setup instructions for the user.

slug: "BOX" or "DROPBOX" or "GITHUB" or 4 more

Vendor identifier.

  • BOX - BOX
  • DROPBOX - DROPBOX
  • GITHUB - GITHUB
  • GOOGLE_WORKSPACE - GOOGLE_WORKSPACE
  • MICROSOFT_INTERNAL - MICROSOFT_INTERNAL
  • SALESFORCE - SALESFORCE
  • SLACK - SLACK
One of the following:
"BOX"
"DROPBOX"
"GITHUB"
"GOOGLE_WORKSPACE"
"MICROSOFT_INTERNAL"
"SALESFORCE"
"SLACK"
use_cases: array of object { base_scopes, description, display_name, 2 more }

Use cases with full scope details.

base_scopes: array of object { display_name, scope, severity }

Scopes always required for this use case.

display_name: string

Human-readable permission name.

scope: string

Vendor-native scope identifier.

severity: "low" or "medium" or "high" or "critical"

Permission sensitivity level.

  • low - low
  • medium - medium
  • high - high
  • critical - critical
One of the following:
"low"
"medium"
"high"
"critical"
description: string

Use case description.

display_name: string

Human-readable use case name.

features: array of object { description, display_name, scopes, slug }

Optional features with extra scopes.

description: string

Feature description.

display_name: string

Human-readable feature name.

scopes: array of object { display_name, scope, severity }

Additional scopes when feature is enabled.

display_name: string

Human-readable permission name.

scope: string

Vendor-native scope identifier.

severity: "low" or "medium" or "high" or "critical"

Permission sensitivity level.

  • low - low
  • medium - medium
  • high - high
  • critical - critical
One of the following:
"low"
"medium"
"high"
"critical"
slug: string

Feature identifier.

slug: string

Use case identifier.

CasbApplicationsSetup Flows

Get application setup flows
GET/accounts/{account_id}/one/applications/{slug}/setup-flows
ModelsExpand Collapse
SetupFlowListResponse = array of object { id, default, description, 4 more }
id: string

Setup flow identifier.

default: boolean

Whether this is the default auth method.

description: string

Flow description.

name: string

Human-readable flow name.

steps: array of object { type, component_id, description, 5 more }

Ordered list of setup steps.

type: "component" or "instruction" or "form_input" or "oauth_redirect"

Step type.

  • component - component
  • instruction - instruction
  • form_input - form_input
  • oauth_redirect - oauth_redirect
One of the following:
"component"
"instruction"
"form_input"
"oauth_redirect"
component_id: optional string

Component identifier (for component type).

description: optional string

Step description with markdown support.

dynamic_content: optional array of object { label, type, url_template, value_from }

Dynamic content blocks (for instruction/form_input).

label: string

Display label.

type: "copy_block" or "external_link"

Content type.

  • copy_block - copy_block
  • external_link - external_link
One of the following:
"copy_block"
"external_link"
url_template: optional string

URL template with {{ variable }} interpolation (for external_link).

value_from: optional string

Field path to get value from (for copy_block).

form_fields: optional array of object { label, name, placeholder, 3 more }

Form fields (for form_input).

label: string

Human-readable field label.

name: string

Field identifier (maps to credentials key).

placeholder: string

Placeholder text.

required: boolean

Whether field is required.

supported_file_types: array of string

Allowed file extensions for file_upload type.

type: "text" or "password" or "email" or "file_upload"

Field input type.

  • text - text
  • password - password
  • email - email
  • file_upload - file_upload
One of the following:
"text"
"password"
"email"
"file_upload"
is_required: optional boolean

Whether step is required (for form_input).

parameters: optional map[string]

Component parameters (for component type).

title: optional string

Step title (for instruction/form_input/oauth_redirect).

supported_environments: array of string

Environments this auth method supports (standard, fedramp).

auth_config: optional object { authorization_url, client_id, requires_pkce, 2 more }

OAuth configuration (present for OAuth-based flows).

authorization_url: string

Authorization URL for the requested environment.

client_id: string

OAuth client ID.

requires_pkce: boolean

Whether PKCE is required.

scopes: array of string

OAuth scopes to request.

url_placeholders: array of string

Placeholders in authorization URL that frontend must fill.

CasbIntegrations

List integrations
GET/accounts/{account_id}/one/integrations
Get integration details
GET/accounts/{account_id}/one/integrations/{id}
Create integration
POST/accounts/{account_id}/one/integrations
Update integration
PATCH/accounts/{account_id}/one/integrations/{id}
Delete integration
DELETE/accounts/{account_id}/one/integrations/{id}
Pause integration
POST/accounts/{account_id}/one/integrations/{id}/pause
Resume integration
POST/accounts/{account_id}/one/integrations/{id}/resume
ModelsExpand Collapse
IntegrationListResponse = unknown
IntegrationGetResponse object { id, application, auth_method, 12 more }

Serializer for v2 integration detail response with use cases.

id: string

Integration ID.

formatuuid
application: map[string]
auth_method: map[string]

The integration’s authentication method.

created: string

When the integration was created.

formatdate-time
credentials_expiry: string

Credentials expiry time.

formatdate-time
dlp_profiles: array of string

DLP Profiles enabled for the integration.

health_details: array of map[unknown]

Health details with remediation hints.

is_paused: boolean

Whether the user paused the integration.

last_hydrated: string

Last time the integration was hydrated.

formatdate-time
name: string

Name of the integration.

organization_id: number

Organization ID.

status: string

Integration status.

updated: string

When the integration was last updated.

formatdate-time
use_cases: array of map[unknown]

Use cases enabled for the integration.

IntegrationCreateResponse object { id, application, auth_method, 12 more }

Serializer for v2 integration detail response with use cases.

id: string

Integration ID.

formatuuid
application: map[string]
auth_method: map[string]

The integration’s authentication method.

created: string

When the integration was created.

formatdate-time
credentials_expiry: string

Credentials expiry time.

formatdate-time
dlp_profiles: array of string

DLP Profiles enabled for the integration.

health_details: array of map[unknown]

Health details with remediation hints.

is_paused: boolean

Whether the user paused the integration.

last_hydrated: string

Last time the integration was hydrated.

formatdate-time
name: string

Name of the integration.

organization_id: number

Organization ID.

status: string

Integration status.

updated: string

When the integration was last updated.

formatdate-time
use_cases: array of map[unknown]

Use cases enabled for the integration.

IntegrationUpdateResponse object { id, application, auth_method, 12 more }

Serializer for v2 integration detail response with use cases.

id: string

Integration ID.

formatuuid
application: map[string]
auth_method: map[string]

The integration’s authentication method.

created: string

When the integration was created.

formatdate-time
credentials_expiry: string

Credentials expiry time.

formatdate-time
dlp_profiles: array of string

DLP Profiles enabled for the integration.

health_details: array of map[unknown]

Health details with remediation hints.

is_paused: boolean

Whether the user paused the integration.

last_hydrated: string

Last time the integration was hydrated.

formatdate-time
name: string

Name of the integration.

organization_id: number

Organization ID.

status: string

Integration status.

updated: string

When the integration was last updated.

formatdate-time
use_cases: array of map[unknown]

Use cases enabled for the integration.

IntegrationPauseResponse object { id, application, auth_method, 12 more }

Serializer for v2 integration detail response with use cases.

id: string

Integration ID.

formatuuid
application: map[string]
auth_method: map[string]

The integration’s authentication method.

created: string

When the integration was created.

formatdate-time
credentials_expiry: string

Credentials expiry time.

formatdate-time
dlp_profiles: array of string

DLP Profiles enabled for the integration.

health_details: array of map[unknown]

Health details with remediation hints.

is_paused: boolean

Whether the user paused the integration.

last_hydrated: string

Last time the integration was hydrated.

formatdate-time
name: string

Name of the integration.

organization_id: number

Organization ID.

status: string

Integration status.

updated: string

When the integration was last updated.

formatdate-time
use_cases: array of map[unknown]

Use cases enabled for the integration.

IntegrationResumeResponse object { id, application, auth_method, 12 more }

Serializer for v2 integration detail response with use cases.

id: string

Integration ID.

formatuuid
application: map[string]
auth_method: map[string]

The integration’s authentication method.

created: string

When the integration was created.

formatdate-time
credentials_expiry: string

Credentials expiry time.

formatdate-time
dlp_profiles: array of string

DLP Profiles enabled for the integration.

health_details: array of map[unknown]

Health details with remediation hints.

is_paused: boolean

Whether the user paused the integration.

last_hydrated: string

Last time the integration was hydrated.

formatdate-time
name: string

Name of the integration.

organization_id: number

Organization ID.

status: string

Integration status.

updated: string

When the integration was last updated.

formatdate-time
use_cases: array of map[unknown]

Use cases enabled for the integration.