Skip to main content
POST
/
api
/
analysis
/
results
/
secrets
Get Secrets Scan Results
curl --request POST \
  --url https://api.codeant.ai/api/analysis/results/secrets \
  --header 'Content-Type: application/json' \
  --data '{
  "repo": "owner/repository",
  "commit_id": "abc123def456",
  "access_token": "ghp_xxxxxxxxxxxx",
  "service": "github"
}'
{
  "results": {
    "secrets": [
      {
        "type": "Secret Keyword",
        "filename": "/mnt/lambda/owner/repository/abc123def456/src/config.py",
        "hashed_secret": "9d4e1e23bd5b727046a9e3b4b7db57bd8d6ee684",
        "is_verified": false,
        "line_number": 14,
        "confidence_score": "FALSE_POSITIVE"
      }
    ],
    "secretsCount": 1
  },
  "status": "done",
  "commit_id": "abc123def456"
}

Body

application/json
repo
string
required

Repository identifier (format varies by service)

Example:

"owner/repository"

commit_id
string
required

Git commit SHA or identifier

Example:

"abc123def456"

access_token
string
required

Authentication token for the service

Example:

"ghp_xxxxxxxxxxxx"

service
enum<string>
required

Version control service provider

Available options:
github,
azuredevops,
gitlab,
bitbucket
Example:

"github"

gitlab_base_url
string

Base URL for the service (optional for GitHub, required for GitLab)

Example:

"https://gitlab.com"

Response

Secrets scan results retrieved successfully

Secrets scanning response containing detected secrets and sensitive information

results
object

Secrets scanning results

status
enum<string>

Status of the secrets scan

Available options:
pending,
processing,
done,
failed
Example:

"done"

commit_id
string

Git commit SHA that was analyzed

Example:

"abc123def456"