
Lifecycle Webhooks Events Types

Event - Policy Management

Policy Management events include updates to policy configuration: owners, policies, tags, labels, license threat groups, and owner membership mappings.

  • action: CREATED, UPDATED, or DELETED

  • type: the type of entity that was updated: APPLICATION, ORGANIZATION, APPLICATION_CATEGORY, LABEL, LICENSE_THREAT_GROUP, ACCESS, or POLICY

  • id: system ID used to identify the entity that was updated

Example Policy Management Event Payload

{
    "owner": {
        "id": "6a454175-f55d-4d33-ba44-90ac3af2e8b8",
        "publicId": "webhooks_application",
        "name": "Webhooks Application",
        "parentOwnerId": "abaed4e0-d31e-4a67-9f71-1a8861641077",
        "type": "APPLICATION",
        "tags": [{
            "id": "35304aee-c52f-4f66-9f7c-718e465a0e41",
            "name": "Tag Foo",
            "description": "A tag description.",
            "color": "dark_red"
        }],
        "labels": [{
            "id": "35304aee-c52f-4f66-9f7c-718e465a0e41",
            "name": "Label Foo",
            "description": "A label description.",
            "color": "dark_red"
        }],
        "licenseThreatGroups": [{
            "id": "35304aee-c52f-4f66-9f7c-718e465a0e41",
            "name": "LTG Foo",
            "threatLevel": 5
        }],
        "policies": [{
            "id": "35304aee-c52f-4f66-9f7c-718e465a0e41",
            "name": "Policy Foo",
            "threatLevel": 5
        }],
        "access": [{
            "id": "35304aee-c52f-4f66-9f7c-718e465a0e41",
            "name": "Developers",
            "members": [{
                "type": "USER",
                "name": "jyoung"
            }]
        }]
    }
}

Event - Application Evaluation

Application Evaluation events are those occurring during the lifecycle of a policy evaluation. Evaluation completed is the only evaluation event currently available.

Application Evaluation events have the following fields:

  • application: Contains the IDs and name of the affected application.

  • policyEvaluationId: ID of the policy evaluation.

Example Application Evaluation Event Payload

{
    "timestamp":"2020-04-22T18:30:04.673+0000",
    "initiator":"admin",
    "id":"d5cc2e91d6454545841da5599d3c7156",
    "applicationEvaluation":{
        "application":{
            "id":"0f256982c80b4e13abef4917b93ac343",
            "publicId":"My-Application-ID",
            "name":"My-Application",
            "organizationId":"f25acda2a413ab2c62b44917b93ac232"
        },
        "policyEvaluationId":"d5cc2e91d6454545841da5599d3c7156",
        "stage":"release",
        "ownerId":"0f256982c80b4e13abef4917b93ac343",
        "evaluationDate":"2020-04-22T18:30:04.404+0000",
        "affectedComponentCount":10,
        "criticalComponentCount":2,
        "severeComponentCount":5,
        "moderateComponentCount":3,
        "outcome":"fail",
        "reportId":"36f37cf776dd408bacd063450ab04f71"
    }
}

Event - Violation Alert

Application Evaluation events are those occurring during the lifecycle of a policy evaluation. The Violation Alert event is triggered when policy violations have been detected. If an evaluation does not detect any policy violations, no webhook events are sent.

Violation Alert events contain the same fields as the Application Evaluation event (see above), plus additional information about all policy violations found during the evaluation:

  • application: Contains the IDs and name of the affected application.

  • policyAlerts: A list of all policy alerts triggered by this evaluation.

Example Violation Alert Event Payload

{
  "initiator": "admin",
  "applicationEvaluation": {
    "application": {
      "id": "1e010417a9fd4624b0eaccebccac21f6",
      "publicId": "appPublicId",
      "name": "app",
      "organizationId": "2edd9a73b5444ca7b563501445b7b2fc"
    },
    "policyEvaluationId": "e534d2c0bb64473a8206ead3cdee9d84",
    "stage": "build",
    "ownerId": "5c2cb33bc52e48b7ad04b4905bf74337",
    "evaluationDate": "2019-08-27T20:33:47.854+0000",
    "affectedComponentCount": 1,
    "criticalComponentCount": 1,
    "severeComponentCount": 0,
    "moderateComponentCount": 0,
    "outcome": "fail",
    "reportId": "38e07c8866a242a485e6d7d2c1fd5692"
  },
  "application": {
    "id": "1e010417a9fd4624b0eaccebccac21f6",
    "publicId": "appPublicId",
    "name": "app",
    "organizationId": "2edd9a73b5444ca7b563501445b7b2fc"
  },
  "policyAlerts": [
    {
      "policyId": "6f981ceb94684b3da36ee1a1d863956f",
      "policyName": "Security-Critical",
      "threatLevel": 10,
      "componentFacts": [
        {
          "hash": "40fb048097caeacdb11d",
          "displayName": "apache-collections : commons-collections : 3.1",
          "componentIdentifier": {
            "format": "maven",
            "coordinates": {
              "artifactId": "commons-collections",
              "classifier": "",
              "extension": "jar",
              "groupId": "apache-collections",
              "version": "3.1"
            }
          },
          "pathNames": [],
          "constraintFacts": [
            {
              "constraintName": "Critical risk CVSS score",
              "satisfiedConditions": [
                {
                  "summary": "Security Vulnerability Severity >= 9",
                  "reason": "Found security vulnerability sonatype-2015-0002 with severity 9.0."
                }
              ]
            }
          ]
        }
      ],
      "policyViolationId": "62c3f1fc67b149f1a584cd63acb23eed"
    }
  ]
}
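
A receiver usually needs one record per violated condition rather than the nested structure above. The following is an added example, not Sonatype code: the function name `flatten_alerts` and its `min_threat` parameter are assumptions, and the sample is the payload above trimmed to the fields the function reads.

```python
import json

# Constructed sample: the Violation Alert payload from this page, trimmed to
# the fields the function reads.
SAMPLE = json.loads("""
{
  "applicationEvaluation": {"stage": "build", "reportId": "38e07c8866a242a485e6d7d2c1fd5692"},
  "application": {"publicId": "appPublicId", "name": "app"},
  "policyAlerts": [{
    "policyName": "Security-Critical",
    "threatLevel": 10,
    "componentFacts": [{
      "displayName": "apache-collections : commons-collections : 3.1",
      "constraintFacts": [{
        "constraintName": "Critical risk CVSS score",
        "satisfiedConditions": [{
          "summary": "Security Vulnerability Severity >= 9",
          "reason": "Found security vulnerability sonatype-2015-0002 with severity 9.0."}]}]}],
    "policyViolationId": "62c3f1fc67b149f1a584cd63acb23eed"}]
}
""")


def flatten_alerts(event, min_threat=0):
    """Return one record per (policy, component, satisfied condition)."""
    app = event.get("application") or {}
    stage = (event.get("applicationEvaluation") or {}).get("stage")
    rows = []
    for alert in event.get("policyAlerts") or []:
        level = alert.get("threatLevel") or 0  # tolerate a missing or null level
        if level < min_threat:
            continue
        for fact in alert.get("componentFacts") or []:
            for constraint in fact.get("constraintFacts") or []:
                for cond in constraint.get("satisfiedConditions") or []:
                    rows.append({
                        "application": app.get("publicId"),
                        "stage": stage,
                        "policy": alert.get("policyName"),
                        "threatLevel": level,
                        "component": fact.get("displayName"),
                        "violationId": alert.get("policyViolationId"),
                        "reason": cond.get("reason"),
                    })
    # Highest threat level first so a ticket or chat message leads with it.
    return sorted(rows, key=lambda r: r["threatLevel"], reverse=True)
```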

Event - License Override Management

License Override Management events are issued when a license override is created, updated, or deleted.

License Override Management events have the following fields:

  • id: ID of the license override

  • action: CREATED, UPDATED, DELETED

Example License Override Management Event Payload

{
    "licenseOverride": {
        "id": "cafdf38d458d461583ec6cd509dc8c31",
        "ownerId": "6a454175-f55d-4d33-ba44-90ac3af2e8b8",
        "status": "OVERRIDEN",
        "comment": "",
        "licenseIds": [
            "Apache-2.0"
        ],
        "componentIdentifier": {
            "format": "maven",
            "coordinates": {
                "artifactId": "foo",
                "classifier": "",
                "extension": "jar",
                "groupId": "net.java.bar",
                "version": "1.9"
            }
        }
    }
}

Event - Security Vulnerability Override Management

Security Vulnerability Override Management events are issued when a security vulnerability override is created, updated, or deleted.

Security Vulnerability Override Management events have the following fields:

  • id: ID of the security vulnerability override.

  • action: CREATED, UPDATED, DELETED.

Example Security Vulnerability Override Management Event Payload

{
    "securityVulnerabilityOverride": {
        "id": "d08a4954c2f942e6bbd95517030ebcf7",
        "ownerId": "6a454175-f55d-4d33-ba44-90ac3af2e8b8",
        "hash": "46c81da3225f991faa2b",
        "source": "cve",
        "referenceId": "CVE-2016-0788",
        "status": "ACKNOWLEDGED",
        "comment": "Ack"
    }
}

Event - Waiver Request

Waiver Request events are issued when a user submits a waiver request.

Example Waiver Request Event Payload

{
  "timestamp": "2023-07-05T15:21:59.681+00:00",
  "initiator": "admin",
  "comment": "To accelerate release and time to investigate further",
  "policyViolationId": "79576f35da564bc38fbaa8e41882755f",
  "policyViolationLink": "http://localhost:8070/assets/#/violation/79576f35da564bc38fbaa8e41882755f",
  "addWaiverLink": "http://localhost:8070/assets/#/addWaiver/79576f35da564bc38fbaa8e41882755f?comments=toacceleratereleaseandtimetoinvestigatefurther"
}
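
The event types on this page can be told apart by payload shape, and the ones that change or relax enforcement (policy changes, overrides, waiver requests) are worth writing to an audit trail. The following is an added example, not Sonatype code: it relies only on the top-level keys shown in the example payloads above, and the event labels, the `classify` and `audit_record` names and the choice of audit-relevant events are assumptions.

```python
import json

# Top-level keys taken from the example payloads on this page; the event
# names on the right are labels invented for this example.
EVENT_KEYS = [
    ("policyAlerts", "VIOLATION_ALERT"),  # must precede applicationEvaluation
    ("applicationEvaluation", "APPLICATION_EVALUATION"),
    ("owner", "POLICY_MANAGEMENT"),
    ("licenseOverride", "LICENSE_OVERRIDE"),
    ("securityVulnerabilityOverride", "SECURITY_VULNERABILITY_OVERRIDE"),
    ("addWaiverLink", "WAIVER_REQUEST"),
]
# Events that change or relax enforcement (this grouping is the example's choice).
AUDIT_EVENTS = {"POLICY_MANAGEMENT", "LICENSE_OVERRIDE",
                "SECURITY_VULNERABILITY_OVERRIDE", "WAIVER_REQUEST"}


def classify(payload):
    """Name the event by payload shape; a Violation Alert also carries
    applicationEvaluation, so policyAlerts is tested first."""
    if isinstance(payload, dict):
        for key, name in EVENT_KEYS:
            if key in payload:
                return name
    return "UNKNOWN"


def audit_record(payload):
    """Return a flat record for audit-relevant events, else None."""
    kind = classify(payload)
    if kind not in AUDIT_EVENTS:
        return None
    key = next(k for k, n in EVENT_KEYS if n == kind)
    body = payload.get(key)
    if not isinstance(body, dict):  # Waiver Request fields are top-level
        body = payload
    return {
        "event": kind,
        "subject": body.get("referenceId") or body.get("policyViolationId") or body.get("id"),
        "status": body.get("status"),
        "comment": body.get("comment"),
        "actor": payload.get("initiator"),  # absent from some examples on the page
    }


# Constructed sample, trimmed from the override example on this page.
SAMPLE = json.loads('{"securityVulnerabilityOverride": {"id": "d08a4954c2f942e6bbd95517030ebcf7",'
                    ' "referenceId": "CVE-2016-0788", "status": "ACKNOWLEDGED", "comment": "Ack"}}')
```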