Skip to main content
GET
/
{tenant_slug}
/
policy-violations
List policy violations
curl --request GET \
  --url https://app.cysmiq.com/api/v1/{tenant_slug}/policy-violations \
  --header 'Authorization: Bearer <token>'
import requests

url = "https://app.cysmiq.com/api/v1/{tenant_slug}/policy-violations"

headers = {"Authorization": "Bearer <token>"}

response = requests.get(url, headers=headers)

print(response.text)
const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};

fetch('https://app.cysmiq.com/api/v1/{tenant_slug}/policy-violations', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
{
  "repository": {
    "id": "repo_01hxyz",
    "full_name": "acme/widgets"
  },
  "reference": {
    "ref": "main",
    "sha": "a1b2c3d4"
  },
  "filters": {
    "status": [
      "open",
      "pending_review"
    ],
    "enforcement": [
      "block"
    ],
    "policy": [
      "pol_vuln_sla"
    ],
    "target_type": [
      "vulnerability"
    ]
  },
  "summary": {
    "total": 1,
    "by_status": {
      "open": 1
    },
    "by_target_type": {
      "vulnerability": 1
    },
    "by_enforcement_mode": {
      "block": 1
    }
  },
  "items": [
    {
      "id": "pvl_01hxyz",
      "status": "open",
      "enforcement_mode": "block",
      "blocking": true,
      "due_at": "2026-02-01T00:00:00Z",
      "remaining_seconds": 604800,
      "snoozed": false,
      "snoozed_until": null,
      "snooze_count": 0,
      "first_seen_at": "2026-01-10T09:14:00Z",
      "last_seen_at": "2026-01-20T10:12:00Z",
      "resolved_at": null,
      "metadata": {
        "severity": "high",
        "cvss_score": 8.2,
        "epss_score": 0.72,
        "reference_ref": "main",
        "environment_key": "prod"
      },
      "policy": {
        "id": "pol_01hxyz",
        "key": "vuln_high_sla",
        "name": "High Severity SLA",
        "type": "custom",
        "status": "active",
        "target_type": "vulnerability",
        "enforcement_mode": "block",
        "severity": null
      },
      "scope": {
        "type": "repo",
        "id": "repo_01hxyz",
        "name": "acme/widgets"
      },
      "target": {
        "type": "vulnerability",
        "id": "vc_01hxyz",
        "title": "Prototype Pollution in lodash",
        "severity": "high",
        "status": "open",
        "vulnerability_type": "dependency"
      },
      "rule": null
    }
  ],
  "next_cursor": null
}

Authorizations

Authorization
string
header
required

Use a Cysmiq API token in the Authorization header: Bearer {token}.

Path Parameters

tenant_slug
string
required

Workspace slug for the tenant context.

Query Parameters

repo
string
required
Maximum string length: 255
ref
string | null
Maximum string length: 255
status
string | null
Maximum string length: 255
enforcement
string | null
Maximum string length: 255
policy
string | null
Maximum string length: 255
target_type
string | null
Maximum string length: 255
limit
integer | null
Required range: 1 <= x <= 200
cursor
string | null

Response

Policy violation list response.

repository
object
required
reference
object | null
required
filters
object
required
summary
object
required
items
object[]
required
next_cursor
string
required