# Leen.dev Unified API for Security

## Docs

- [Get Resource by ID](https://docs.leen.dev/api-reference-v2/get-resource-by-id.md): Return a resource by its ID (Leen's UUID)
- [List Resources](https://docs.leen.dev/api-reference-v2/get-resources.md): List all the resources
- [Get Vulnerability Finding by ID](https://docs.leen.dev/api-reference-v2/get-vulnerability-finding-by-id.md): Get a vulnerability finding by ID.
- [List Vulnerability Findings](https://docs.leen.dev/api-reference-v2/get-vulnerability-findings.md): List vulnerability findings with keyset pagination and filtering options.
- [Cursor Pagination](https://docs.leen.dev/api-reference-v2/pagination.md): The Leen API supports cursor-based pagination to help you efficiently navigate through large datasets. Follow these steps to implement pagination using our API.
- [Supported Connectors](https://docs.leen.dev/api-reference-v2/supported-connectors.md): Supported connectors for the API V2
- [Get Issue by ID](https://docs.leen.dev/api-reference/appsec/get-issue-by-id.md): Retrieve an issue by its ID (Leen's UUID).
- [List Issues](https://docs.leen.dev/api-reference/appsec/get-issues.md): List all the issues for a given connection. sort - supports `severity:asc` (eg. lowest to highest criticality) and `severity:desc` if not direction is provided it will default to `asc`
- [AppSec Connectors](https://docs.leen.dev/api-reference/appsec/supported-connectors.md): Supported AppSec connectors for the AppSec endpoints
- [Authentication](https://docs.leen.dev/api-reference/authentication.md): Leen.dev's Authentication Method
- [Get Configuration User by ID](https://docs.leen.dev/api-reference/configuration/get-configuration-user-by-id.md): Return a User who has access to a connection source by ID (Leen's UUID).
- [List Configuration Users](https://docs.leen.dev/api-reference/configuration/get-configuration-users.md): List all users who have access to the connection source (e.g. Tenable, Qualys, etc.)
- [Configuration Connectors](https://docs.leen.dev/api-reference/configuration/supported-connectors.md): Supported Configuration connectors for the Configuration endpoints
- [Connection Health](https://docs.leen.dev/api-reference/connection-health.md): The Connection Health feature provides a high-level view of connection stability by evaluating the status of the most recent job run. It helps identify unhealthy connections, categorize failure types, and improve error visibility.
- [Get Integrations](https://docs.leen.dev/api-reference/connectors.md)
- [Creating a new connection](https://docs.leen.dev/api-reference/creating-a-connection.md): Due to a limitation in our docs it has become confusing to figure out how to create a new connection. This guide will help you through the process.
- [List Alerts](https://docs.leen.dev/api-reference/cspm/get-alerts.md)
- [List Compliance Data with Conditional Findings](https://docs.leen.dev/api-reference/cspm/get-compliance-data.md): List compliance records with keyset pagination. When includeFindings=true, findings are only included for compliances with status=FAIL.
- [List Compliance Findings](https://docs.leen.dev/api-reference/cspm/get-compliance-findings.md)
- [CSPM Connectors](https://docs.leen.dev/api-reference/cspm/supported-connectors.md): Supported CSPM connectors for the CSPM endpoints
- [Get Alert by ID](https://docs.leen.dev/api-reference/edr/get-alert-by-id.md): Retrieve an EDR alert by its ID (Leen's UUID).
- [List Alerts](https://docs.leen.dev/api-reference/edr/get-alerts.md): List all the EDR alerts for a given connection.
- [List Policies](https://docs.leen.dev/api-reference/edr/get-policies.md): List all the device policies for a given connection.
- [EDR Connectors](https://docs.leen.dev/api-reference/edr/supported-connectors.md): Supported EDR connectors for the EDR endpoints
- [Get NVD Enrichment Data for CVEs](https://docs.leen.dev/api-reference/enrichments/nvd.md): Get NVD Enrichment Data for CVEs
- [Get Device by ID](https://docs.leen.dev/api-reference/entities/get-device-by-id.md): Retrieve a device by its ID (Leen's UUID).
- [List Device Groups](https://docs.leen.dev/api-reference/entities/get-device-groups.md): List all the device groups for a given connection.
- [List Devices](https://docs.leen.dev/api-reference/entities/get-devices.md): List all the devices for a given connection.
- [Device Connectors](https://docs.leen.dev/api-reference/entities/supported-connectors.md): Supported Device connectors for the Device endpoints and model properties
- [Get GRC Assessment](https://docs.leen.dev/api-reference/grc/assessments/get-assessment-by-id.md): Get a specific GRC assessment for a given connection.
- [List GRC Assessments](https://docs.leen.dev/api-reference/grc/assessments/get-assessments.md): List all GRC assessments for a given connection.
- [Submit GRC Assessment](https://docs.leen.dev/api-reference/grc/assessments/post-assessment-response.md): Submit a GRC assessment for a given connection.
- [Get GRC Control](https://docs.leen.dev/api-reference/grc/controls/get-control-by-id.md): Get a specific GRC control by its ID.
- [List GRC Controls](https://docs.leen.dev/api-reference/grc/controls/get-controls.md): List all GRC controls for a given connection.
- [List GRC entities](https://docs.leen.dev/api-reference/grc/entities/get-entities.md): List all GRC entities
- [Get GRC entity by ID](https://docs.leen.dev/api-reference/grc/entities/get-entity-by-id.md): Get a GRC entity by its ID
- [List GRC Evidences](https://docs.leen.dev/api-reference/grc/evidences/get-evidences.md): List all GRC evidences for a given connection.
- [GRC Connectors](https://docs.leen.dev/api-reference/grc/supported-connectors.md): Supported GRC connectors for the GRC endpoints
- [List IDP Alerts](https://docs.leen.dev/api-reference/idp/list-alerts.md): List all the IDP alerts for a given connection. sort - supports `severity:asc` (eg. lowest to highest criticality) and `severity:desc`. If no direction is provided it will default to `asc`
- [List IDP Applications](https://docs.leen.dev/api-reference/idp/list-applications.md): List all the IDP applications for a given connection.
- [List IDP Groups](https://docs.leen.dev/api-reference/idp/list-groups.md): List all the IDP groups for a given connection.
- [List IDP Policies](https://docs.leen.dev/api-reference/idp/list-policies.md): List all the IDP policies for a given connection. Use /policies/{policy_id}/groups, /policies/{policy_id}/applications, and /policies/{policy_id}/users to get related entities with proper pagination.
- [List Applications for IDP Policy](https://docs.leen.dev/api-reference/idp/list-policy-applications.md): List all applications associated with a specific IDP policy.
- [List Groups for IDP Policy](https://docs.leen.dev/api-reference/idp/list-policy-groups.md): List all groups associated with a specific IDP policy.
- [List Users for IDP Policy](https://docs.leen.dev/api-reference/idp/list-policy-users.md): List all users associated with a specific IDP policy.
- [List IDP Users](https://docs.leen.dev/api-reference/idp/list-users.md): List all the IDP users for a given connection.
- [IDP Connectors](https://docs.leen.dev/api-reference/idp/supported-connector.md): Supported IDP connectors for the IDP endpoints
- [Create ITSM Ticket](https://docs.leen.dev/api-reference/itsm/create-ticket.md): Create a new ITSM ticket.
- [Bulk Create ITSM Tickets (Async)](https://docs.leen.dev/api-reference/itsm/create-ticket-bulk.md): Create multiple ITSM tickets asynchronously.
- [Bulk Create ITSM Tickets (Sync)](https://docs.leen.dev/api-reference/itsm/create-ticket-bulk-sync.md): Create multiple ITSM tickets synchronously.
- [Get ITSM Attachment by ID](https://docs.leen.dev/api-reference/itsm/get-attachment-by-id.md)
- [List ITSM Attachments](https://docs.leen.dev/api-reference/itsm/get-attachments.md)
- [Get ITSM Comment by ID](https://docs.leen.dev/api-reference/itsm/get-comment-by-id.md)
- [List ITSM Comments](https://docs.leen.dev/api-reference/itsm/get-comments.md)
- [Get ITSM Group by ID](https://docs.leen.dev/api-reference/itsm/get-group-by-id.md)
- [List ITSM Groups](https://docs.leen.dev/api-reference/itsm/get-groups.md)
- [Get ITSM Project by ID](https://docs.leen.dev/api-reference/itsm/get-project-by-id.md)
- [List ITSM Projects](https://docs.leen.dev/api-reference/itsm/get-projects.md)
- [Get ITSM Ticket by ID](https://docs.leen.dev/api-reference/itsm/get-ticket-by-id.md)
- [Get ITSM Ticket by Identifier](https://docs.leen.dev/api-reference/itsm/get-ticket-by-identifier.md): Get an ITSM ticket by its user-provided identifier.
- [List ITSM Tickets](https://docs.leen.dev/api-reference/itsm/get-tickets.md)
- [Get ITSM User by ID](https://docs.leen.dev/api-reference/itsm/get-user-by-id.md)
- [List ITSM Users](https://docs.leen.dev/api-reference/itsm/get-users.md)
- [List Assignable Users for a Project (Passthrough)](https://docs.leen.dev/api-reference/itsm/passthrough-assignable-users.md): List users who can be assigned to issues in a specific project. The `project_key`, `query` filter, and `vendor_id` semantics are vendor-specific (e.g., for Jira: `vendor_id` is the `accountId`, `query` filters by name or email).
- [List Issue Types for a Project (Passthrough)](https://docs.leen.dev/api-reference/itsm/passthrough-issue-types.md): List issue types available for a specific project. The `project_key` value and response fields are vendor-specific (e.g., for Jira: `project_key` is the project key such as `PROJ`, `vendor_id` in results is the Jira issue type ID).
- [List Projects (Passthrough)](https://docs.leen.dev/api-reference/itsm/passthrough-projects.md): List projects accessible via the connected vendor account. Response fields and pagination semantics vary by vendor (e.g., for Jira: `vendor_id` is the project key such as `PROJ`).
- [Search Tickets (Passthrough)](https://docs.leen.dev/api-reference/itsm/passthrough-tickets-search.md): Search tickets using vendor-native query syntax and pagination. Query parameters are vendor-specific — for Jira, use `jql` with JQL syntax and cursor-based pagination. Other vendors will use their own query params when supported.
- [ITSM Connectors](https://docs.leen.dev/api-reference/itsm/supported-connectors.md): Supported ITSM connectors for the ITSM endpoints
- [Bulk Update ITSM Tickets (Async)](https://docs.leen.dev/api-reference/itsm/update-ticket-bulk.md): Update multiple ITSM tickets asynchronously with the same field values.
- [Update ITSM Ticket by ID](https://docs.leen.dev/api-reference/itsm/update-ticket-by-id.md): Update an ITSM ticket.
- [Create Connection Invite Token](https://docs.leen.dev/api-reference/onramp/create-connection-invite-token.md): Create a one-time use connection invite token for an Organization.
- [List Connection Invite Tokens](https://docs.leen.dev/api-reference/onramp/get-connection-invite-tokens.md): List all the created connection invite tokens for a given Organization.
- [Get Outbound job by id](https://docs.leen.dev/api-reference/outbound-job.md): Get outbound job by id.
- [Cursor Pagination](https://docs.leen.dev/api-reference/pagination.md): The Leen API supports cursor-based pagination to help you efficiently navigate through large datasets. Follow these steps to implement pagination using our API.
- [Create Connection](https://docs.leen.dev/api-reference/provisioning/add-new-connection.md): Create a connection for a given Organization.
- [Create Organization](https://docs.leen.dev/api-reference/provisioning/add-organization.md): Create an organization for a given Environment.
- [Delete Connection](https://docs.leen.dev/api-reference/provisioning/delete-connection.md): Delete a connection by its ID and Organization ID (Leen's UUID).
- [Soft Delete Organization By Id And Environment Id](https://docs.leen.dev/api-reference/provisioning/delete-organization.md)
- [Get Connection by ID](https://docs.leen.dev/api-reference/provisioning/get-connection.md): Retrieve a connection by its ID (Leen's UUID).
- [List Jobs by Connection ID](https://docs.leen.dev/api-reference/provisioning/get-connection-jobs.md): List all the jobs for a given Connection.
- [Get Organization by ID](https://docs.leen.dev/api-reference/provisioning/get-organization.md): Return an organization by its ID (Leen's UUID).
- [List Connections](https://docs.leen.dev/api-reference/provisioning/list-connections.md): List all the connections for a given Organization.
- [List Organizations](https://docs.leen.dev/api-reference/provisioning/list-organizations.md): List all the organizations for a given Environment.
- [Test Connection Credentials by Connection ID](https://docs.leen.dev/api-reference/provisioning/test-connection.md): Test the connection credentials for a given Connection.
- [Update Connection by ID and Organization ID](https://docs.leen.dev/api-reference/provisioning/update-connection.md)
- [List TPRM Companies](https://docs.leen.dev/api-reference/tprm/companies/get-companies.md)
- [Get TPRM Company by ID](https://docs.leen.dev/api-reference/tprm/companies/get-company-by-id.md)
- [Get TPRM Finding by ID](https://docs.leen.dev/api-reference/tprm/findings/get-finding-by-id.md)
- [List TPRM Findings](https://docs.leen.dev/api-reference/tprm/findings/get-findings.md)
- [TPRM Connectors](https://docs.leen.dev/api-reference/tprm/supported-connectors.md): Supported TPRM connectors for the TPRM endpoints
- [Get VMS Scan Configuration by ID](https://docs.leen.dev/api-reference/vms/get-scan-configuration-by-id.md)
- [List VMS Scan Configurations](https://docs.leen.dev/api-reference/vms/get-scan-configurations.md)
- [List Vulnerabilities](https://docs.leen.dev/api-reference/vms/get-vulnerabilities.md): List all the vulnerabilities for a given connection.
- [Get Vulnerability by ID](https://docs.leen.dev/api-reference/vms/get-vulnerability-by-id.md): Retrieve a vulnerability by its ID (Leen's UUID)
- [VMS Connectors](https://docs.leen.dev/api-reference/vms/supported-connectors.md): Supported VMS connectors for the VMS endpoints
- [Aikido Instructions](https://docs.leen.dev/integrations/aikido-credential.md): Instructions on how to generate credentials for Aikido.
- [AppSec Integrations](https://docs.leen.dev/integrations/application-security.md): Information about the AppSec integrations available in Leen. Find out which fields are supported by each integration and how to configure them.
- [Arnica Instructions](https://docs.leen.dev/integrations/arnica-credential.md): Instructions on how to generate credentials for Arnica.
- [AWS Access Analyzer Instructions](https://docs.leen.dev/integrations/aws-access-analyzer-credentials.md): Instructions on how to generate credentials for AWS Access Analyzer integration.
- [AWS Inspector2 Instructions](https://docs.leen.dev/integrations/aws-inspector2-appsec.md): Instructions on how to generate credentials for AWS Inspector2 integration.
- [AWS Inspector2 Instructions](https://docs.leen.dev/integrations/aws-inspector2-vms.md): Instructions on how to generate credentials for AWS Inspector2 integration.
- [AWS SecurityHub Instructions](https://docs.leen.dev/integrations/aws-securityhub.md): Instructions on how to generate credentials for AWS SecurityHub integration.
- [BitSight](https://docs.leen.dev/integrations/bitsight-tprm-credential.md): Instructions on how to configure API access for BitSight to fetch Third-Party Risk Management (TPRM) data.
- [Black Duck SCA](https://docs.leen.dev/integrations/black-duck-sca-credential.md): Instructions on how to configure API access for Black Duck SCA to fetch open-source component vulnerabilities and license risks.
- [Black Kite](https://docs.leen.dev/integrations/blackkite-tprm-credential.md): Instructions on how to configure API access for Black Kite to fetch Third-Party Risk Management (TPRM) data.
- [Black Duck Coverity](https://docs.leen.dev/integrations/coverity-sast-credential.md): Instructions on how to configure API access for Black Duck Coverity to fetch static analysis security findings.
- [CrowdStrike EDR Instructions](https://docs.leen.dev/integrations/crowdstrike-credential.md): Instructions on how to generate credentials for CrowdStrike's Endpoint Alerts and Response integration with the required permissions.
- [CrowdStrike Exposure Management Instructions](https://docs.leen.dev/integrations/crowdstrike-spotlight-credential.md): Instructions on how to generate credentials for CrowdStrike Exposure Management with the required permissions.
- [CSPM Integrations](https://docs.leen.dev/integrations/cspm.md): Information about the CSPM integrations available in Leen. Find out which fields are supported by each integration and how to configure them.
- [EDR Integrations](https://docs.leen.dev/integrations/endpoint-detection-response.md): Information about the EDR integrations available in Leen. Find out which fields are supported by each integration and how to configure them.
- [Governance, Risk, and Compliance Integrations](https://docs.leen.dev/integrations/grc.md): Information about the Governance, Risk, and Compliance(GRC) integrations available in Leen. Find out which fields are supported by each integration and how to configure them.
- [IDP Integrations](https://docs.leen.dev/integrations/identity-provider.md): Information about the Identity Provider integrations available in Leen. Find out which fields are supported by each integration and how to configure them.
- [IT Service Management (ITSM) Integrations](https://docs.leen.dev/integrations/itsm.md): Information about the ITSM integrations available in Leen. Find out which fields are supported by each integration and how to configure them.
- [ITSM Write Endpoints](https://docs.leen.dev/integrations/itsm-write-endpoints.md): Create and update tickets in your ITSM tools via Leen's Write API.
- [JIRA ITSM](https://docs.leen.dev/integrations/jira-itsm-credential.md): Instructions to authenticate with JIRA Cloud API using OAuth 2.0
- [Lacework CSPM Instructions](https://docs.leen.dev/integrations/lacework-cspm.md): Instructions on how to onboard a Lacework CSPM Integration
- [AppSec V1 to V2](https://docs.leen.dev/integrations/migration-guides/appsec-v1-to-v2.md): Migration guide for AppSec connectors from V1 Issues to V2 Vulnerability Findings and Resources
- [VMS V1 to V2](https://docs.leen.dev/integrations/migration-guides/vms-v1-to-v2.md): Migration guide for VMS connectors from V1 Devices & Vulnerabilities to V2 Resources & Vulnerability Findings
- [Microsoft Defender for Cloud Instructions](https://docs.leen.dev/integrations/ms-defender-cloud-cspm.md): Instructions on how to onboard a Microsoft Defender for Cloud Integration
- [Microsoft Defender EDR Instructions](https://docs.leen.dev/integrations/ms-defender-credential.md): Instructions on how to onboard a Microsoft Defender Integration
- [Microsoft Defender VMS Instructions](https://docs.leen.dev/integrations/ms-defender-vms-credential.md): Instructions on how to onboard a Microsoft Defender Integration
- [Microsoft Entra Instructions](https://docs.leen.dev/integrations/ms-entra-idp-credential.md): Instructions on how to onboard a Microsoft Entra Integration
- [Okta IDP Instructions](https://docs.leen.dev/integrations/okta-idp.md): Information about the Okta Identity Provider integration available in Leen. This integration uses the Core Okta API to interact with your Okta organization.
- [ProcessUnity](https://docs.leen.dev/integrations/processunity-credential.md): Instructions on how to configure API access for ProcessUnity to sync Third-Party Risk Management (TPRM) data.
- [Qualys Vulnerability Management Instructions](https://docs.leen.dev/integrations/qualys-credential.md): Instructions on how to generate credentials for Qualys Vulnerability Management and the required permissions.
- [Rapid7 InsightVM Vulnerability Management Instructions](https://docs.leen.dev/integrations/rapid7-credential.md): Instructions on how to generate credentials for Rapid7's InsightVM Vulnerability Management platform and the required permissions.
- [SecurityScorecard](https://docs.leen.dev/integrations/securityscorecard-credential.md): Instructions on how to configure API access for SecurityScorecard to fetch Third-Party Risk Management (TPRM) data.
- [Semgrep Instructions](https://docs.leen.dev/integrations/semgrep-credential.md): Instructions on how to onboard a Semgrep Integration
- [SentinelOne EDR Instructions](https://docs.leen.dev/integrations/sentinelone-credential.md): Instructions on how to generate credentials for SentinelOne's Endpoint Detection and Response integration with the required permissions.
- [SentinelOne VMS Instructions](https://docs.leen.dev/integrations/sentinelone-vms-credential.md): Instructions on how to generate credentials for SentinelOne's VMS integration with the required permissions.
- [ServiceNow GRC](https://docs.leen.dev/integrations/servicenow-grc-credential.md): Instructions to authenticate with ServiceNow GRC API
- [ServiceNow ITSM](https://docs.leen.dev/integrations/servicenow-itsm-credential.md): Instructions to authenticate with ServiceNow ITSM API
- [Snyk Connection Instructions](https://docs.leen.dev/integrations/snyk-credential.md): Instructions on how to onboard a Snyk Integration
- [SonarQube (SonarCloud)](https://docs.leen.dev/integrations/sonarqube-credential.md): Instructions on how to configure API access for SonarQube / SonarCloud to fetch code quality and security findings.
- [Tenable Vulnerability Management Instructions](https://docs.leen.dev/integrations/tenable-credential.md): Instructions on how to generate credentials for Tenable Vulnerability Management and the required permissions.
- [Third Party Risk Management Integrations](https://docs.leen.dev/integrations/third-party-risk-management.md): Information about the Third Party Risk Management(TPRM) integrations available in Leen. Find out which fields are supported by each integration and how to configure them.
- [Checkmarx](https://docs.leen.dev/integrations/v2/checkmarx-credential.md): Instructions on how to configure API access for Checkmarx to fetch SAST, SCA, IaC, Container, and API Security Findings.
- [GitHub Advanced Security](https://docs.leen.dev/integrations/v2/github-credential.md): Instructions to create a connection with GitHub for findings related to Code Scanning, Secrets Scanning and Dependabot Alerts
- [Gitlab](https://docs.leen.dev/integrations/v2/gitlab-credential.md): Instructions on how to onboard a Gitlab Integration
- [Mend](https://docs.leen.dev/integrations/v2/mend-credential.md): Instructions to create a service user and authenticate with Mend API 3.0
- [Orca Security](https://docs.leen.dev/integrations/v2/orca-credential.md): Instructions to create a service user and authenticate with Orca Serving Layer API
- [Tanium](https://docs.leen.dev/integrations/v2/tanium-vms-credential.md): Instructions on how to configure API access for Tanium to fetch endpoints and CVE Vulnerability Findings
- [Upwind](https://docs.leen.dev/integrations/v2/upwind-credential.md): Instructions on how to onboard an Upwind Integration
- [Vulnerability Findings](https://docs.leen.dev/integrations/v2/vulnerability-findings-v2.md): For new V2 integrations we are moving away from the concept of product category specific data models. Eg. Gitlab (Application Security) and Upwind (Cloud Security Posture Management) both use the same data model.
- [VMS Integrations](https://docs.leen.dev/integrations/vulnerability-management.md): Information about the VMS integrations available in Leen. Find out which fields are supported by each integration and how to configure them.
- [Wiz Code Instructions](https://docs.leen.dev/integrations/wiz-code-credential.md): Instructions on how to generate credentials for Wiz Code and the required permissions.
- [Wiz Instructions](https://docs.leen.dev/integrations/wiz-credential.md): Instructions on how to generate credentials for Wiz and the required permissions.
- [Wiz CSPM Instructions](https://docs.leen.dev/integrations/wiz-cspm.md): Instructions on how to generate credentials for Wiz CSPM and the required permissions.
- [Introduction](https://docs.leen.dev/intro/introduction.md): Welcome to Leen's documentation!
- [Quick Start](https://docs.leen.dev/intro/quick-start.md): An introduction to building with Leen
- [Supported Regions](https://docs.leen.dev/intro/supported-regions.md): Various regions supported by Leen
- [Create a connection](https://docs.leen.dev/onramp/create-connection.md): OnRamp is Leen's embeddable onboarding component that allows your users to easily create new connections or update existing connections. As an embeddable component, OnRamp is designed to be integrated directly into your application workflow.
- [Update a connection](https://docs.leen.dev/onramp/update-connection.md): OnRamp is Leen's embeddable onboarding component that allows your users to easily create new connections or update existing connections. As an embeddable component, OnRamp is designed to be integrated directly into your application workflow.
- [JIRA ITSM](https://docs.leen.dev/webhooks/integrations/jira-webhooks.md): Real-time data synchronization for JIRA Tickets using webhooks
- [Third-Party Webhooks](https://docs.leen.dev/webhooks/webhooks-reference.md): Real-time data synchronization from external vendors using webhooks

## OpenAPI Specs

- [openapi](https://docs.leen.dev/openapi.json)
- [openapi_v2](https://docs.leen.dev/openapi_v2.json)