Scanning APIs

Cloud Storage Security Scanning API

v1 OAS3

css_scanning_api_openapi_doc.json

HealthCheck

Checks if the server is alive

get
Responses
200
Success
get
GET /health HTTP/1.1
Host: 
Accept: */*
200

Success

No content

Scan

Check the status of an extra large file scan job. This could be used when a file larger than what can fit on the API's disk was submitted to be scanned via the scan existing API. The initial scan existing API request would have a reference ID returned back that would be included in this request.

get
Query parameters
referenceIdstringOptional
Responses
200
Success
get
GET /api/Scan/JobStatus HTTP/1.1
Host: 
Accept: */*
{
  "result": "Clean",
  "detectedInfections": [
    {
      "file": "text",
      "infection": "text"
    }
  ],
  "errorMessage": "text",
  "dateScanned": "2025-06-30T19:51:14.196Z",
  "trueFileType": "text",
  "referenceId": "text"
}

Scan a file that already exists in cloud storage

post
Body
containerstringRequired
objectPathstringRequired
versionIdstring | nullableOptional
uploadedBystring | nullableOptional
fileSizeinteger · int64Optional
lastModifiedstring · date-timeOptional
Responses
200
Success
post
POST /api/Scan/Existing HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 134

{
  "container": "text",
  "objectPath": "text",
  "versionId": "text",
  "uploadedBy": "text",
  "fileSize": 1,
  "lastModified": "2025-06-30T19:51:14.196Z"
}
{
  "result": "Clean",
  "detectedInfections": [
    {
      "file": "text",
      "infection": "text"
    }
  ],
  "errorMessage": "text",
  "dateScanned": "2025-06-30T19:51:14.196Z",
  "trueFileType": "text",
  "referenceId": "text"
}

Send a file to the API to be scanned. This can either be done via a multi-part file upload or a binary file transfer. If done as a binary file transfer, headers may be added to specify the file name and an upload destination (if desired). The upload destination is specified as an uploadTo form field when using multi-part form uploads.

post
Header parameters
File-NamestringOptional

Optional - for use when performing scan and upload only

Upload-TostringOptional

Optional - for use when performing scan and upload only

Body
fileNamestring · binaryOptional
uploadTostringOptional
Responses
200
Success
post
POST /api/Scan HTTP/1.1
Host: 
Content-Type: multipart/form-data
Accept: */*
Content-Length: 39

{
  "fileName": "binary",
  "uploadTo": "text"
}
{
  "result": "Clean",
  "detectedInfections": [
    {
      "file": "text",
      "infection": "text"
    }
  ],
  "errorMessage": "text",
  "dateScanned": "2025-06-30T19:51:14.196Z",
  "trueFileType": "text",
  "referenceId": "text"
}

Scan a file that exists at an arbitrary url. For example, this may be a file on a generic public http(s) endpoint, or an object with a pre-signed url.

post
Body
urlstringOptional
Responses
200
Success
post
POST /api/Scan/url HTTP/1.1
Host: 
Content-Type: multipart/form-data
Accept: */*
Content-Length: 14

{
  "url": "text"
}
{
  "result": "Clean",
  "detectedInfections": [
    {
      "file": "text",
      "infection": "text"
    }
  ],
  "errorMessage": "text",
  "dateScanned": "2025-06-30T19:51:14.196Z",
  "trueFileType": "text",
  "referenceId": "text"
}

Token

Performs authentication for a user, returning the bearer token to be used for future API requests

post
Body
usernamestringRequired
passwordstringRequired
mfaCodestring | nullableOptional
Responses
200
Success
post
POST /api/Token HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 54

{
  "username": "text",
  "password": "text",
  "mfaCode": "text"
}
{
  "accessToken": "text",
  "tokenType": "text",
  "expiresIn": 1
}

Last updated