GET /{tenant_slug}/policy-violations

List policy violations

curl --request GET \
  --url https://app.cysmiq.com/api/v1/{tenant_slug}/policy-violations \
  --header 'Authorization: Bearer <token>'

{
  "repository": {
    "id": "repo_01hxyz",
    "full_name": "acme/widgets"
  },
  "reference": {
    "ref": "main",
    "sha": "a1b2c3d4"
  },
  "filters": {
    "status": [
      "open",
      "pending_review"
    ],
    "enforcement": [
      "block"
    ],
    "policy": [
      "pol_vuln_sla"
    ],
    "target_type": [
      "vulnerability"
    ]
  },
  "summary": {
    "total": 1,
    "by_status": {
      "open": 1
    },
    "by_target_type": {
      "vulnerability": 1
    },
    "by_enforcement_mode": {
      "block": 1
    }
  },
  "items": [
    {
      "id": "pvl_01hxyz",
      "status": "open",
      "enforcement_mode": "block",
      "blocking": true,
      "due_at": "2026-02-01T00:00:00Z",
      "remaining_seconds": 604800,
      "snoozed": false,
      "snoozed_until": null,
      "snooze_count": 0,
      "first_seen_at": "2026-01-10T09:14:00Z",
      "last_seen_at": "2026-01-20T10:12:00Z",
      "resolved_at": null,
      "metadata": {
        "severity": "high",
        "cvss_score": 8.2,
        "epss_score": 0.72,
        "reference_ref": "main",
        "environment_key": "prod"
      },
      "policy": {
        "id": "pol_01hxyz",
        "key": "vuln_high_sla",
        "name": "High Severity SLA",
        "type": "custom",
        "status": "active",
        "target_type": "vulnerability",
        "enforcement_mode": "block",
        "severity": null
      },
      "scope": {
        "type": "repo",
        "id": "repo_01hxyz",
        "name": "acme/widgets"
      },
      "target": {
        "type": "vulnerability",
        "id": "vc_01hxyz",
        "title": "Prototype Pollution in lodash",
        "severity": "high",
        "status": "open",
        "vulnerability_type": "dependency"
      },
      "rule": null
    }
  ],
  "next_cursor": null
}

Authorizations

Authorization: string, header, required

Use a Cysmiq API token in the Authorization header: Bearer {token}.

Path Parameters

tenant_slug: string, required

Workspace slug for the tenant context.

Query Parameters

repo: string, required

Repository identifier: prefixed id (repo_...) or org/name path.

Maximum string length: 255

ref: string | null

Branch or tag name. When provided, filters targets that track references.

Maximum string length: 255

status: string | null

Comma-separated statuses. Allowed: open, pending_review, resolved, waived, accepted_risk.

Maximum string length: 255

enforcement: string | null

Comma-separated enforcement modes. Allowed: monitor, warn, block.

Maximum string length: 255

policy: string | null

Comma-separated policy keys or prefixed ids.

Maximum string length: 255

target_type: string | null

Comma-separated target types. Example: vulnerability, package, packageVersion, manifest, asset, secret, code.

Maximum string length: 255

limit: integer | null

Max items per page (1-200). Default 50.

Required range: 1 <= x <= 200

cursor: string | null

Cursor for pagination from next_cursor.

Response

Policy violation list response.

repository: object, required
reference: object, required
filters: object, required
summary: object, required
items: object[], required
next_cursor: string, required
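
A CI-gate sketch for this endpoint, added here as an example and not Cysmiq's own client code: it sends the required repo parameter, filters on status=open and enforcement=block, follows next_cursor until it is null, and keeps the items whose blocking field is true. The helper names, the constructed sample pages, and the choice of blocking as the gate condition are assumptions.

```python
import json
import urllib.parse
import urllib.request

BASE = "https://app.cysmiq.com/api/v1"  # base URL from the curl example on this page

def build_url(tenant_slug, repo, cursor=None, **filters):
    """repo is the required query parameter; None-valued filters are dropped."""
    params = {"repo": repo, **{k: v for k, v in filters.items() if v is not None}}
    if cursor:
        params["cursor"] = cursor
    slug = urllib.parse.quote(tenant_slug, safe="")
    return f"{BASE}/{slug}/policy-violations?{urllib.parse.urlencode(params)}"

def http_fetch(url, token):
    """Live transport: GET with the Bearer token header, JSON body decoded."""
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def blocking_violations(fetch, tenant_slug, repo, ref=None, max_pages=100):
    """Follow next_cursor until it is null; collect items flagged blocking.
    A missing 'items' key raises, so a malformed reply fails the gate closed."""
    found, cursor = [], None
    for _ in range(max_pages):
        page = fetch(build_url(tenant_slug, repo, cursor, ref=ref,
                               status="open", enforcement="block", limit=200))
        # Assumption: the server-computed 'blocking' flag is the gate condition.
        found += [i for i in page["items"] if i.get("blocking") is True]
        cursor = page.get("next_cursor")
        if not cursor:
            return found
    raise RuntimeError("next_cursor never became null; refusing to pass the gate")

# Constructed sample pages (not real API output), keyed by the cursor requested.
SAMPLE_PAGES = {
    None: {"items": [{"id": "pvl_a", "blocking": True},
                     {"id": "pvl_b", "blocking": False}], "next_cursor": "c2"},
    "c2": {"items": [{"id": "pvl_c", "blocking": True}], "next_cursor": None},
}

def fake_fetch(url):
    """Offline stand-in for http_fetch: serves SAMPLE_PAGES by cursor value."""
    query = urllib.parse.parse_qs(urllib.parse.urlsplit(url).query)
    return SAMPLE_PAGES[query.get("cursor", [None])[0]]

if __name__ == "__main__":
    ids = [v["id"] for v in blocking_violations(fake_fetch, "acme", "acme/widgets", ref="main")]
    print("blocking:", ids)  # a CI job would exit non-zero when this list is non-empty
```

Against the live API, pass `lambda url: http_fetch(url, token)` as `fetch`, with the token read from the CI secret store.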