Vulnerability Tool
Embedded vulnerability scanning tool integration.
Initiate OAuth Flow
Build the OAuth authorization URL for the given SCM provider (optionally for a self-hosted instance via custom_domain) and return it with a CSRF state value. Returns 400 for unsupported providers.
Log Out OAuth Session
Revoke the stored OAuth token for the given SCM provider and end the session. Returns 400 for unsupported or unconnected providers and 502 when the provider refuses to revoke the token.
Handle OAuth Callback
Exchange the OAuth authorization code returned by the SCM provider for tokens, create or update the user's account, and either return connection details or redirect to the configured URI. Returns 400 on OAuth errors or unsupported providers.
Get SCM User Profile
Fetch the authenticated user's profile from the connected SCM provider, refreshing the stored OAuth token when it has expired. Returns 400 for unsupported providers and 502 when the profile cannot be retrieved.
Check Provider Configuration
Validate that the client's integration with the given SCM provider has all required credentials. When something is missing, responds 400 with the action URL needed to complete the setup, such as an app installation link.
List Provider Repositories
List the repositories the connected SCM account can access for the given provider, with page and per_page (1-100) pagination and an optional custom_domain for self-hosted instances.
Initiate Vulnerability Scan
Create the repository and start the free-tool vulnerability scan workflow for it. Returns 400 when a repository already exists, since the free tool allows only one repository per client.
Get Vulnerability Scan Results
Return the findings of the free-tool vulnerability scan for the client's repository on the given provider, formatted for the free-tool UI.
Delete SCM Integration
Delete the client's SCM integration along with its associated users, repositories, and findings. Returns 404 when no integration data exists for the client.