Salt Security · Schema
Salt Security API Endpoint
An API endpoint discovered and tracked by the Salt Security API Protection Platform.
API SecurityAIAPI DiscoveryPosture GovernanceThreat ProtectionSecurity
Properties
| Name | Type | Description |
|---|---|---|
| id | string | Unique identifier for the discovered API endpoint |
| method | string | HTTP method |
| path | string | API endpoint path |
| host | string | API host/domain |
| api_id | string | Parent API identifier this endpoint belongs to |
| api_name | string | Name of the parent API |
| status | string | Status of the endpoint |
| is_documented | boolean | Whether this endpoint exists in OpenAPI/Swagger documentation |
| is_shadow | boolean | Whether this is a shadow endpoint (undiscovered, not in OAS docs) |
| is_zombie | boolean | Whether this is a zombie endpoint (deprecated but still accessible) |
| sensitive_data | array | Sensitive data fields found in this endpoint |
| risk_score | number | Risk score for this endpoint (0-100) |
| vulnerabilities | array | Identified vulnerabilities for this endpoint |
| authentication_required | boolean | Whether authentication is required for this endpoint |
| first_seen | string | Timestamp when endpoint was first discovered |
| last_seen | string | Timestamp of most recent traffic |
JSON Schema
{
"$schema": "https://json-schema.org/draft/2020-12/schema",
"$id": "https://api-evangelist.github.io/salt-security/json-schema/salt-security-api-endpoint-schema.json",
"title": "Salt Security API Endpoint",
"description": "An API endpoint discovered and tracked by the Salt Security API Protection Platform.",
"type": "object",
"properties": {
"id": {
"type": "string",
"description": "Unique identifier for the discovered API endpoint"
},
"method": {
"type": "string",
"description": "HTTP method",
"enum": ["GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS", "HEAD"]
},
"path": {
"type": "string",
"description": "API endpoint path"
},
"host": {
"type": "string",
"description": "API host/domain"
},
"api_id": {
"type": "string",
"description": "Parent API identifier this endpoint belongs to"
},
"api_name": {
"type": "string",
"description": "Name of the parent API"
},
"status": {
"type": "string",
"description": "Status of the endpoint",
"enum": ["active", "deprecated", "shadow", "zombie", "undocumented"]
},
"is_documented": {
"type": "boolean",
"description": "Whether this endpoint exists in OpenAPI/Swagger documentation"
},
"is_shadow": {
"type": "boolean",
"description": "Whether this is a shadow endpoint (undiscovered, not in OAS docs)"
},
"is_zombie": {
"type": "boolean",
"description": "Whether this is a zombie endpoint (deprecated but still accessible)"
},
"sensitive_data": {
"type": "array",
"items": {
"type": "object",
"properties": {
"type": {
"type": "string",
"description": "Type of sensitive data (PII, PCI, PHI, credentials)"
},
"parameter": {
"type": "string",
"description": "Parameter name containing sensitive data"
},
"location": {
"type": "string",
"enum": ["request", "response"],
"description": "Where sensitive data appears"
}
}
},
"description": "Sensitive data fields found in this endpoint"
},
"risk_score": {
"type": "number",
"minimum": 0,
"maximum": 100,
"description": "Risk score for this endpoint (0-100)"
},
"vulnerabilities": {
"type": "array",
"items": {
"type": "object",
"properties": {
"id": {
"type": "string"
},
"type": {
"type": "string"
},
"severity": {
"type": "string",
"enum": ["critical", "high", "medium", "low", "informational"]
},
"description": {
"type": "string"
}
}
},
"description": "Identified vulnerabilities for this endpoint"
},
"authentication_required": {
"type": "boolean",
"description": "Whether authentication is required for this endpoint"
},
"first_seen": {
"type": "string",
"format": "date-time",
"description": "Timestamp when endpoint was first discovered"
},
"last_seen": {
"type": "string",
"format": "date-time",
"description": "Timestamp of most recent traffic"
}
},
"required": ["id", "method", "path", "host"],
"additionalProperties": false
}