Get Assets
Retrieve the list of assets for one or more organizations, considering filtering and pagination query parameters. When an organization-level OAuth2 scope is provided, the results will be restricted to those organizations the user is authorized for. Similarly, if a listing- level OAuth2 scope is provided, the results will be restricted to those listings the user is authorized for. Additional query parameters generally restrict the resulting set of assets according to AND semantics. Use of organizationUid and listingUid query parameters will further restrict the results. If neither are specified, the returned assets are the set of assets the user is allowed to access with organization OR listing specific privileges. If listing UIDs are supplied without organization UIDs, then only the assets assigned to those listings (which the user is authorized for) will be returned. Conversely, if organization UIDs are supplied without listing UIDs, then only the assets owned by those organizations (which the the user is authorized for) will be returned. Should both organization UIDs and listing UIDs be supplied, then the set of assets returned is restricted to assets assigned to any of the supplied listings, AND owned by any of the supplied organizations, further restricted to only those the user is authorized to access. Researcher users are restricted to only viewing credentials of in scope assets for listings to which they have been assigned.
Authorizations
The access token received from the authorization server in the OAuth 2.0 flow.
Query Parameters
Unique identifier for an organization. If not supplied the request will apply to all organizations the user is authorized to access.
Unique identifier for an organization.
Unique identifier for an listing. If not supplied the request will apply to all listings the user is authorized to access.
Unique identifier for an listing.
Restrict the returned asset summaries to only assets of the specified type.
cloudaccount, host, network, mobileapp, webapp Restrict the returned asset summaries to only the types of host assets requested when assetType also includes host.
ip, cidr, fqdn, as Optional query parameter for a search string that will be used to match within the label or location properties of assets. If this query parameter is provided, any location query parameter will be ignored.
Optional parameter that determines whether the response includes assets regardless of active state (the default, if this query parameter is not provided); active assets only if true; or inactive assets only if false.
Optional query parameter that determines whether production or non-production assets will be included in the response.
Optional query parameter to get host assets which are discovered by cloudEnumeration scanner shifted by maxHostDiscoveryAgeMins. Assets which are added via boss or discovered by other type of scanners will be included in response. E.g. CloudEnumeration hosts are valid for 1 hour from each time they are discovered, maxHostDiscoveryAgeMins=0 means that if the end time of the relationship has passed, the asset will not be returned - maxHostDiscoveryAgeMins=60 however, would return assets that were still valid 60 minutes ago
Restrict the returned assets to only assets associated to listings by the specified scopes.
Set to in-scope means automated and manual testing should occur; out-of-scope means automated and manual testing must not occur; discovered means observed through automated discovery and may be automatically removed if not observed again during subseqent discovery activities.
in, out, discovered, blocked Restrict the returned assets to only assets enumerated from a particular cloud platform.
Identifies cloud platform
aws, azure, gcp Prefix search of the derived location property.
Filter assets to only include assets with matching error codes.
Optional numeric error code set by an automated process such as scanning or checking.
Filter assets to only include hosts with open ports matching the port number.
0 <= x <= 65535Max open ports from a single IP address.
0 <= x <= 65535Filter assets to include/exclude those with networks. Deprecating.
Unique identifier for a network. If not supplied the request will apply to all networks the user is authorized to access. Deprecating.
Unique Identifier.
Unique gateway id. If not supplied the request will apply to all gateways.
Identifier for Launchpoint-managed VPN gateway.
Filter assets with a createdAt date greater or equal to this value
Filter assets with a createdAt date less than or equal to this value
Restricts the credentials to only those available to the user. This query parameter is ignored if the user is a researcher. Unique identifier for a user.
Filter assets which have a relationship with targetAssetUid equal to this value.
Unique identifier for an asset.
Filter assets which have a relationship of this type.
Type or relationship between assets.
discoveredBy Requested page size for pagination. A server-selected default of 100 will be used when no perPage is requested via query parameter.
1 <= x <= 5000Page to retrieve in paginated response. A server-selected default of 1 will be used when no page is requested via query parameter.
x >= 1Optional property to sort results by.
location, label, createdAt, updatedAt, lastReachableAt, lastScan Direction of sort-order for items in the response.
asc, desc Optional property to filter results by human created or system discovered assets.
provided, discovered Optional property to filter results by asset lifecycle state. When not supplied, all assets except archived will be returned.
confirmed, unconfirmed, archived, ignored Fields to omit from response.
ALL, relationships, externalRelationships, ports, networks, scopeRules, binaries, userRoles Restrict the returned asset summaries to only assets of the specified ip ranges.
IP Range could be a CIDR or an IP Range
Response
Paginated assets.
- Option 1
- Option 2
- Option 3
- Option 4
- Option 5
Unique identifier for an organization.
Derived from the properties associated with the asset.
cloudaccount, host, network, mobileapp, webapp Indicates the origin for the asset, i.e. whether the asset was provided manually or it was discovered by some sort of automation.
provided, discovered Automatically set by the server to the time the request was processed whenever the resource was created.
Automatically set by the server to the requesting user whenever the resource is updated. May be a user account or a service account if the action is performed by an automated.
Unique Identifier.
Derived human-readable text representation of the asset, based on assetType and other properties.
Indicates whether the asset resides in a production environment.
Active assets may participate in listings. When inactive, the asset is essentially soft-deleted and may not be scanned or subject to new research by SRT.
Optional label for the asset. If present, label is part of the derived property of asset location, which enables creation of multiple assets with different labels under a single organization.
Optional description for the asset.
Indicates the asset position in asset lifecycle FSM.
confirmed, unconfirmed, ignored, archived Indicates importance of the asset to the customer.
high, medium, low, undefined Indicates whether the asset is newly discovered, has changed since last evaluated, or is unchanged.
new, changed, unchanged This field is used for scheduling Fingerprinting scans. A calculated field based on if the asset has any listings in which it is active. This field is read only and relates only to assets created after Apr 1 2023.
This field is used for scheduling Fingerprinting scans. A calculated field based on if the asset has any active listings or listings deactivated less than 2 years ago. This field is read only and relates only to assets created prior to Apr 1 2023.
The date time the scan state was updated.
The last date time the asset was checked.
The last date time the asset was successfully checked for reachability.
The last date time the asset scan was successful.
The last date time the asset scan was failed.
For assets with an origin of discovered. The date time when the asset was first discovered.
For assets with an origin of discovered. The date time when the asset was last discovered or fingerprinted.
Status reported by automated checkers.
unchecked, invalid, valid Optional numeric error code set by an automated process such as scanning or checking.
Array of listings the asset belongs to.
Rules that modify the scope of security research for this asset.
Relationships which this asset participates in, either as a source or as a target.
External relationships which this asset participates in as a source. When used in postAssetBulk request, AssetID and AssetUID will be set automatically.
Array of Launchpoint-managed VPN gateways per listing.
Automatically set by the server to the time the request was processed whenever the resource is updated.
Automatically set by the server to the requesting user whenever the resource is updated. May be a user account or a service account if the action is performed by an automated.
Keeps credentials for accessing the cloud provider. Mandatory for assets of 'cloudaccount' type.