Skip to main content
POST
/
api
/
analysis
/
results
/
full_report
curl --request POST \
  --url https://api.codeant.ai/api/analysis/results/full_report \
  --header 'Content-Type: application/json' \
  --data '
{
  "repo": "owner/repository",
  "commit_id": "abc123def456",
  "access_token": "ghp_xxxxxxxxxxxx",
  "service": "github",
  "branch": "main",
  "fields": [
    "Static Application Security Testing (SAST)",
    "Secrets",
    "Software Composition Analysis (SCA)",
    "Infrastructure as Code",
    "Anti-Patterns",
    "Complex Functions",
    "Docstring",
    "Duplicate Code",
    "Dead Code",
    "SBOM"
  ]
}
'
{
  "report_url": "https://storage.example.com/reports/owner-repository-abc123def456.html",
  "status": "success",
  "commit_id": "abc123def456",
  "branch": "main"
}

Body

application/json
repo
string
required

Repository identifier (format varies by service)

Example:

"owner/repository"

access_token
string
required

Authentication token for the service

Example:

"ghp_xxxxxxxxxxxx"

service
enum<string>
required

Version control service provider

Available options:
github,
azuredevops,
gitlab,
bitbucket
Example:

"github"

commit_id
string

Git commit SHA or identifier. Either commit_id or branch is required. If both are provided, commit_id takes precedence.

Example:

"abc123def456"

branch
string

Git branch name. When provided without commit_id, the service resolves the latest commit from scan history for this branch. Either commit_id or branch is required.

Example:

"main"

fields
enum<string>[]

List of analysis categories to include in the sectioned CSV report. Each category becomes its own section with category-specific columns.

Available options:
Static Application Security Testing (SAST),
Secrets,
Software Composition Analysis (SCA),
Infrastructure as Code,
Anti-Patterns,
Complex Functions,
Docstring,
Duplicate Code,
Dead Code,
SBOM
Example:
[
  "Static Application Security Testing (SAST)",
  "Secrets",
  "Software Composition Analysis (SCA)",
  "Infrastructure as Code",
  "Anti-Patterns",
  "Complex Functions",
  "Docstring",
  "Duplicate Code",
  "Dead Code",
  "SBOM"
]
include_dismissed
boolean
default:false

When true, dismissed issues (those marked as dismissed via the admin UI's dismiss-alerts workflow) are included in the report. Defaults to false, matching the admin UI behavior where dismissed issues are hidden.

Example:

false

include_false_positives
boolean
default:false

When true, issues flagged as false positives are included — specifically SAST issues with false_positive=true and Secrets with confidence_score=FALSE_POSITIVE. Defaults to false.

Example:

false

gitlab_base_url
string
default:https://gitlab.com

Base URL for GitLab service (optional)

Example:

"https://gitlab.com"

github_base_url
string
default:https://github.com

Base URL for GitHub service (optional)

Example:

"https://github.com"

azure_devops_base_url
string
default:https://dev.azure.com

Base URL for Azure DevOps service (optional)

Example:

"https://dev.azure.com"

bitbucket_base_url
string
default:https://api.bitbucket.org/2.0

Base URL for Bitbucket service (optional)

Example:

"https://api.bitbucket.org/2.0"

Response

Full report generated successfully

Full analysis report response containing the report URL and status

report_url
string

URL to access the generated HTML report

Example:

"https://storage.example.com/reports/owner-repository-abc123def456.html"

status
enum<string>

Status of the report generation

Available options:
success,
failed
Example:

"success"

commit_id
string

Git commit SHA that was analyzed

Example:

"abc123def456"

branch
string

Git branch name that was analyzed

Example:

"main"