Endpoint Description
Panoptica can show several details about your API endpoints. For an overview of the APIs, navigate to the API Security tab under Workloads and Data.
From here, you can drill down to the endpoints an API.
-
Select the API you want to inspect, then click Open a Full Details Page.
-
Select the Endpoints tab, then click the endpoint you want to inspect.
-
The top of the Endpoint Description page shows an overview of the endpoint, including:
- Highest Risk: The highest level of security finding for the endpoint, for example, Info or Critical.
- Method: The HTTP method of the endpoint, for example, POST or GET.
- Path: The path to the endpoint.
- Labels: Labels applicable to the endpoint, for example, No Authentication, or Sensitive Data.
- First Seen, Last Seen: The dates when the Panoptica detected the endpoint.
- Security Findings: The security findings for the endpoint.
The lower part of the Endpoint Description page shows various details about the endpoint on the following tabs:
Request Parameters
This tab shows the parameters of the requests to the endpoint:
- Drift Type: Shows if Panoptica has detected a drift in the traffic compared to the OpenApi specification (OAS) of the endpoint.
- Name: The name of the parameter, for example,
content-length
orcontent-type
. - Type: The type of the parameter, for example,
url
, orurluuid
. - Location: The location of the parameter, for example,
header
orurl
. - Labels: The labels of the endpoint.
Response Attributes
This tab shows the attributes of the responses from this endpoint:
- Drift Type: Shows if Panoptica has detected a drift in the traffic compared to the OpenApi specification (OAS) of the endpoint.
- Code: The HTTP status code, for example, 200.
- Name: The name of the response attribute.
- Type: The type of the response attribute.
- Location: The location of the response attribute, for example,
body
. - Labels: The labels of the endpoint.
Access Control Posture
This tab shows authentication and access control related information about the endpoint, for example, the Type of authentication required for the endpoint (for example, BasicAuth
or JwtAuth
).
Click on an item to see its details, including RBAC Claims and Authorization Attributes.
Security Findings
This tab shows the security findings related to the endpoint, for example, the findings of the OpenAPI specification analyzer.
Click on an item to see its details, including the Risk Overview of the finding and the Affected Elements.
Updated 6 months ago