Settings API - Security notifications schema table
Security notifications (builtin:appsec.notification-integration
)
Integrate security notifications with your existing incident-management system or team-collaboration channel. Within security integrations, use vulnerability and attack alerting profiles to filter the total number of alerts down to those relevant for your team.
To learn more, visit Third-party integrations.
Schema ID | Schema groups | Scope |
---|---|---|
builtin:appsec.notification-integration |
| environment |
Parameters
Property | Label | Type | Description | Required |
---|---|---|---|---|
enabled | Enabled | boolean | - | required |
trigger | Security alert type | enum | - | required |
type | Notification type | enum | - | required |
displayName | Display name | text | - | required |
webhookConfiguration | - | WebhookConfiguration | - | required |
securityProblemBasedWebhookPayload | - | SecurityProblemBasedWebhookPayload | - | required |
attackCandidateBasedWebhookPayload | - | AttackCandidateBasedWebhookPayload | - | required |
jiraConfiguration | - | JiraConfiguration | - | required |
securityProblemBasedJiraPayload | - | SecurityProblemBasedJiraPayload | - | required |
attackCandidateBasedJiraPayload | - | AttackCandidateBasedJiraPayload | - | required |
emailConfiguration | - | EmailConfiguration | - | required |
securityProblemBasedEmailPayload | - | SecurityProblemBasedEmailPayload | - | required |
attackCandidateBasedEmailPayload | - | AttackCandidateBasedEmailPayload | - | required |
securityProblemBasedAlertingProfile | Alerting profile | setting | Select an alerting profile to control the delivery of security notifications related to this integration. | required |
attackCandidateBasedAlertingProfile | Alerting profile | setting | Select an alerting profile to control the delivery of security notifications related to this integration. | required |
Request body objects
The WebhookConfigurationHeader
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
name | Name | text | - | required |
secret | Secret HTTP header value | boolean | - | required |
value | Value | text | The value of the HTTP header. May contain an empty value. | required |
secretValue | Value | secret | The secret value of the HTTP header. May contain an empty value. | required |
The JiraConfiguration
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
url | Jira endpoint URL | text | The URL of the Jira API endpoint. | required |
username | Username | text | The username of the Jira profile. | required |
apiToken | API token | secret | The API token for the Jira profile. Using password authentication was deprecated by Jira | required |
projectKey | Project key | text | The project key of the Jira issue to be created by this notification. | required |
issueType | Issue type | text | The type of the Jira issue to be created by this notification. To find all available issue types or create your own, in Jira, go to Project settings > Issue types. | required |
The SecurityProblemBasedJiraPayload
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
summary | Summary | text | The summary of the Jira issue to be created by this notification. Note: The Jira summary field must contain less than 255 characters. Any content exceeding this limit after evaluating the placeholders will be discarded. Available placeholders: | required |
description | Issue description | text | The description of the Jira issue to be created by this notification. Note: Security notifications contain sensitive information. Excessive usage of placeholders in the description might leak information to untrusted parties. Available placeholders: | required |
The AttackCandidateBasedJiraPayload
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
summary | Summary | text | The summary of the Jira issue to be created by this notification. Note: The Jira summary field must contain less than 255 characters. Any content exceeding this limit after evaluating the placeholders will be discarded. Available placeholders: | required |
description | Issue description | text | The description of the Jira issue to be created by this notification. Note: Security notifications contain sensitive information. Excessive usage of placeholders in the description might leak information to untrusted parties. Available placeholders: | required |
The WebhookConfiguration
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
url | Webhook endpoint URL | text | - | required |
acceptAnyCertificate | Accept any SSL certificate (including self-signed and invalid certificates) | boolean | - | required |
headers | Additional HTTP headers | set | Use additional HTTP headers to attach any additional information, for example, configuration, authorization, or metadata. Note that JSON-based webhook endpoints require the addition of the Content-Type: application/json header to enable escaping of special characters and to avoid malformed JSON content. | required |
The SecurityProblemBasedWebhookPayload
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
payload | Custom payload | text | This is the content your notification message will include when users view it. Note: Security notifications contain sensitive information. Excessive usage of placeholders in the custom payload might leak information to untrusted parties. Available placeholders: | required |
The AttackCandidateBasedWebhookPayload
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
payload | Custom payload | text | This is the content your notification message will include when users view it. Note: Security notifications contain sensitive information. Excessive usage of placeholders in the custom payload might leak information to untrusted parties. Available placeholders: | required |
The EmailConfiguration
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
recipients | To | set | - | required |
ccRecipients | CC | set | - | required |
bccRecipients | BCC | set | - | required |
The SecurityProblemBasedEmailPayload
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
subject | Subject | text | The subject of the email notifications. Available placeholders: | required |
body | Body | text | The template of the email notifications. Note: Security notifications contain sensitive information. Excessive usage of placeholders in the description might leak information to untrusted parties. Available placeholders: | required |
The AttackCandidateBasedEmailPayload
object
Property | Label | Type | Description | Required |
---|---|---|---|---|
subject | Subject | text | The subject of the email notifications. Available placeholders: | required |
body | Body | text | The template of the email notifications. Note: Security notifications contain sensitive information. Excessive usage of placeholders in the body might leak information to untrusted parties. Available placeholders: | required |