Overview

The ZeroPath REST API provides programmatic access to security scanning capabilities for your repositories. Manage organizations, repositories, scans, and security issues across multiple version control systems.

Key Capabilities

Manage Organizations

Create and manage organizations and installations

Repository Operations

Add repositories from GitHub, GitLab, Bitbucket and scan them

Security Scans

Trigger scans on repositories and pull requests

Issue Management

Search and manage security issues found in your code

Authentication

All API requests require authentication using API token headers:

Required Headers

X-ZeroPath-API-Token-Id: YOUR_TOKEN_ID
X-ZeroPath-API-Token-Secret: YOUR_TOKEN_SECRET
Content-Type: application/json

Example Request

curl -X GET https://zeropath.com/organizations \
  -H "X-ZeroPath-API-Token-Id: YOUR_TOKEN_ID" \
  -H "X-ZeroPath-API-Token-Secret: YOUR_TOKEN_SECRET" \
  -H "Content-Type: application/json"

Base URLs

All API endpoints are relative to: Production: 
https://zeropath.com
Development: 
https://dev.branch.zeropath.com

Core Resources

Organizations

Manage organizations and their settings. Key Operations:
  • POST /organizations - Create a new organization
  • GET /organizations - List organizations
  • DELETE /organizations/{id} - Delete an organization

Repositories

Add and manage repositories from various VCS providers. Key Operations:
  • POST /repositories - Add a repository
  • GET /repositories - List repositories
  • DELETE /repositories/{id} - Remove a repository
  • POST /repositories/{id}/scan - Trigger a repository scan
Supported Repository Types:
  • GitHub
  • GitLab
  • Bitbucket
  • Generic Git repositories

Scans

Initiate and monitor security scans. Key Operations:
  • POST /repositories/{id}/scan - Scan a repository
  • POST /repositories/{id}/scan_pr - Scan a pull request
  • GET /scans - List scans
  • GET /scans/{id} - Get scan details

Issues

Search and manage security issues found in scans. Key Operations:
  • GET /issues/search - Search for security issues
  • GET /issues/{id} - Get issue details
  • POST /issues/{id}/status - Update issue status

Schedules

Manage automated scanning schedules. Key Operations:
  • POST /schedules - Create a scan schedule
  • GET /schedules - List schedules
  • DELETE /schedules/{id} - Delete a schedule

Rules

Create and manage custom security rules. Key Operations:
  • POST /rules - Create a custom rule
  • GET /rules - List custom rules
  • PUT /rules/{id} - Update a rule

Stats

Retrieve statistics and metrics. Key Operations:
  • GET /stats - Get organization statistics

Quick Start

1

Get API Credentials

Generate API token credentials from your ZeroPath dashboard
2

Create an Organization

curl -X POST https://zeropath.com/organizations \
  -H "X-ZeroPath-API-Token-Id: YOUR_TOKEN_ID" \
  -H "X-ZeroPath-API-Token-Secret: YOUR_TOKEN_SECRET" \
  -H "Content-Type: application/json" \
  -d '{"name": "My Organization"}'
3

Add a Repository

curl -X POST https://zeropath.com/repositories \
  -H "X-ZeroPath-API-Token-Id: YOUR_TOKEN_ID" \
  -H "X-ZeroPath-API-Token-Secret: YOUR_TOKEN_SECRET" \
  -H "Content-Type: application/json" \
  -d '{
    "organization_id": "org_123",
    "repository_type": "github",
    "repository_url": "https://github.com/owner/repo"
  }'
4

Trigger a Scan

curl -X POST https://zeropath.com/repositories/repo_123/scan \
  -H "X-ZeroPath-API-Token-Id: YOUR_TOKEN_ID" \
  -H "X-ZeroPath-API-Token-Secret: YOUR_TOKEN_SECRET" \
  -H "Content-Type: application/json"
The detailed API endpoints documentation below is automatically generated from our OpenAPI specification.