REST API (Beta)

Use the Panther REST API to interact with your Panther entities

Overview

The REST API is in open beta starting with Panther version 1.98, and is available to all customers. Please share any bug reports and feature requests with your Panther support team.

Panther offers a REST API to interact with certain parts of your Panther instance. Currently, you can interact with the following entities through the REST API:

Additional operations are available in the GraphQL API.

Discover the Panther REST API schema

Discover the REST API schema by viewing the OpenAPI specification file. You can either:

  • View the raw file directly, in the expandable block below:

Panther OpenAPI specification
openapi: 3.0.3
info:
  title: Panther REST API
  version: '1.0'
servers:
  - url: https://{api_host}
    variables:
      api_host:
        default: your-api-host
paths:
  /data-models:
    get:
      tags:
        - data model
      summary: list data models
      operationId: data model#list
      parameters:
        - name: cursor
          in: query
          description: the pagination token
          allowEmptyValue: true
          schema:
            type: string
            description: the pagination token
        - name: limit
          in: query
          description: the maximum results to return
          allowEmptyValue: true
          schema:
            type: integer
            description: the maximum results to return
            default: 100
            format: int64
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataModelAPI.ListResp'
    post:
      tags:
        - data model
      summary: create data model
      operationId: data model#create
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DataModelAPI.ModifyDataModel'
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataModelAPI.DataModelcreateResponseBody'
        '400':
          description: 'bad_request: Bad Request response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataModelAPI.ExistsError'
        '409':
          description: 'exists: Conflict response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataModelAPI.ExistsError'
  /data-models/{id}:
    delete:
      tags:
        - data model
      summary: delete data model
      operationId: data model#delete
      parameters:
        - name: id
          in: path
          description: ID of the data model to delete
          required: true
          schema:
            type: string
            description: ID of the data model to delete
      responses:
        '204':
          description: No Content response.
        '400':
          description: 'bad_request: Bad Request response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataModelAPI.ExistsError'
        '404':
          description: 'not_found: Not Found response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataModelAPI.ExistsError'
    get:
      tags:
        - data model
      summary: get data model
      operationId: data model#get
      parameters:
        - name: id
          in: path
          description: ID of the data model to fetch
          required: true
          schema:
            type: string
            description: ID of the data model to fetch
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataModelAPI.DataModelcreateResponseBody'
        '404':
          description: 'not_found: Not Found response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataModelAPI.ExistsError'
    put:
      tags:
        - data model
      summary: put data model
      description: put creates or updates a data model
      operationId: data model#put
      parameters:
        - name: id
          in: path
          description: the id of the data model
          required: true
          schema:
            type: string
            description: the id of the data model
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/DataModelAPI.ModifyDataModel'
      responses:
        '200':
          description: 200 returned if the item already existed
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataModelAPI.DataModelcreateResponseBody'
        '201':
          description: 201 returned if the item was created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataModelAPI.DataModelcreateResponseBody'
        '400':
          description: 'bad_request: Bad Request response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/DataModelAPI.ExistsError'
  /globals:
    get:
      tags:
        - global
      summary: list globals
      operationId: global#list
      parameters:
        - name: cursor
          in: query
          description: the pagination token
          allowEmptyValue: true
          schema:
            type: string
            description: the pagination token
        - name: limit
          in: query
          description: the maximum results to return
          allowEmptyValue: true
          schema:
            type: integer
            description: the maximum results to return
            default: 100
            format: int64
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GlobalAPI.ListResp'
    post:
      tags:
        - global
      summary: create global
      operationId: global#create
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GlobalAPI.CreateRequestBody'
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GlobalAPI.Global'
        '400':
          description: 'bad_request: Bad Request response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GlobalAPI.ExistsError'
        '409':
          description: 'exists: Conflict response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GlobalAPI.ExistsError'
  /globals/{id}:
    delete:
      tags:
        - global
      summary: delete global
      operationId: global#delete
      parameters:
        - name: id
          in: path
          description: ID of the global to delete
          required: true
          schema:
            type: string
            description: ID of the global to delete
      responses:
        '204':
          description: No Content response.
        '400':
          description: 'bad_request: Bad Request response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GlobalAPI.ExistsError'
        '404':
          description: 'not_found: Not Found response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GlobalAPI.ExistsError'
    get:
      tags:
        - global
      summary: get global
      operationId: global#get
      parameters:
        - name: id
          in: path
          description: ID of the global to fetch
          required: true
          schema:
            type: string
            description: ID of the global to fetch
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GlobalAPI.Global'
        '404':
          description: 'not_found: Not Found response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GlobalAPI.ExistsError'
    put:
      tags:
        - global
      summary: put global
      description: put creates or updates a global
      operationId: global#put
      parameters:
        - name: id
          in: path
          description: The id of the global
          required: true
          schema:
            type: string
            description: The id of the global
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/GlobalAPI.PutRequestBody'
      responses:
        '200':
          description: 200 returned if the item already existed
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GlobalAPI.PutGlobalResp'
        '201':
          description: 201 returned if the item was created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GlobalAPI.PutGlobalResp'
        '400':
          description: 'bad_request: Bad Request response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/GlobalAPI.ExistsError'
  /policies:
    get:
      tags:
        - policy
      summary: list policies
      operationId: policy#list
      parameters:
        - name: cursor
          in: query
          description: the pagination token
          allowEmptyValue: true
          schema:
            type: string
            description: the pagination token
        - name: limit
          in: query
          description: the maximum results to return
          allowEmptyValue: true
          schema:
            type: integer
            description: the maximum results to return
            default: 100
            format: int64
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyAPI.ListResp'
    post:
      tags:
        - policy
      summary: create policy
      operationId: policy#create
      parameters:
        - name: run-tests-first
          in: query
          description: set this field to false to exclude running tests prior to saving
          allowEmptyValue: true
          schema:
            type: boolean
            description: set this field to false to exclude running tests prior to saving
            default: true
        - name: run-tests-only
          in: query
          description: set this field to true if you want to run tests without saving
          allowEmptyValue: true
          schema:
            type: boolean
            description: set this field to true if you want to run tests without saving
            default: false
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PolicyAPI.ModifyPolicy'
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyAPI.PolicycreateResponseBody'
        '204':
          description: No Content response.
        '400':
          description: 'bad_request: Bad Request response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyAPI.BadRequestWithTestResultsErr'
        '409':
          description: 'exists: Conflict response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyAPI.ExistsError'
  /policies/{id}:
    delete:
      tags:
        - policy
      summary: delete policy
      operationId: policy#delete
      parameters:
        - name: id
          in: path
          description: ID of the policy to delete
          required: true
          schema:
            type: string
            description: ID of the policy to delete
      responses:
        '204':
          description: No Content response.
        '400':
          description: 'bad_request: Bad Request response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyAPI.BadRequestWithTestResultsErr'
        '404':
          description: 'not_found: Not Found response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyAPI.ExistsError'
    get:
      tags:
        - policy
      summary: get policy
      operationId: policy#get
      parameters:
        - name: id
          in: path
          description: the id of the policy to fetch
          required: true
          schema:
            type: string
            description: the id of the policy to fetch
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyAPI.PolicycreateResponseBody'
        '404':
          description: 'not_found: Not Found response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyAPI.ExistsError'
    put:
      tags:
        - policy
      summary: put policy
      description: put creates or updates a policy
      operationId: policy#put
      parameters:
        - name: run-tests-first
          in: query
          description: set this field to false to exclude running tests prior to saving
          allowEmptyValue: true
          schema:
            type: boolean
            description: set this field to false to exclude running tests prior to saving
            default: true
        - name: run-tests-only
          in: query
          description: set this field to true if you want to run tests without saving
          allowEmptyValue: true
          schema:
            type: boolean
            description: set this field to true if you want to run tests without saving
            default: false
        - name: id
          in: path
          description: the id of the policy
          required: true
          schema:
            type: string
            description: the id of the policy
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/PolicyAPI.ModifyPolicy'
      responses:
        '200':
          description: 200 returned if the item already existed
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyAPI.PolicycreateResponseBody'
        '201':
          description: 201 returned if the item was created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyAPI.PolicycreateResponseBody'
        '204':
          description: No Content response.
        '400':
          description: 'bad_request: Bad Request response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PolicyAPI.BadRequestWithTestResultsErr'
  /queries:
    get:
      tags:
        - query
      summary: list queries
      operationId: query#list
      parameters:
        - name: cursor
          in: query
          description: the pagination token
          allowEmptyValue: true
          schema:
            type: string
            description: the pagination token
        - name: limit
          in: query
          description: the maximum results to return
          allowEmptyValue: true
          schema:
            type: integer
            description: the maximum results to return
            default: 100
            format: int64
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QueryAPI.ListResp'
    post:
      tags:
        - query
      summary: create query
      operationId: query#create
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/QueryAPI.CreateRequestBody'
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QueryAPI.Query'
        '400':
          description: 'bad_request: Bad Request response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QueryAPI.ExistsError'
        '409':
          description: 'exists: Conflict response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QueryAPI.ExistsError'
  /queries/{id}:
    delete:
      tags:
        - query
      summary: delete query
      operationId: query#delete
      parameters:
        - name: id
          in: path
          description: ID of the query to delete
          required: true
          schema:
            type: string
            description: ID of the query to delete
      responses:
        '204':
          description: No Content response.
        '400':
          description: 'bad_request: Bad Request response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QueryAPI.ExistsError'
        '404':
          description: 'not_found: Not Found response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QueryAPI.ExistsError'
    get:
      tags:
        - query
      summary: get query
      operationId: query#get
      parameters:
        - name: id
          in: path
          description: ID of the query to fetch
          required: true
          schema:
            type: string
            description: ID of the query to fetch
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QueryAPI.Query'
        '404':
          description: 'not_found: Not Found response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QueryAPI.ExistsError'
    post:
      tags:
        - query
      summary: update query
      description: put creates or updates a query
      operationId: query#update
      parameters:
        - name: id
          in: path
          required: true
          schema:
            type: string
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/QueryAPI.CreateRequestBody'
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QueryAPI.Query'
        '400':
          description: 'bad_request: Bad Request response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QueryAPI.ExistsError'
        '404':
          description: 'not_found: Not Found response.'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/QueryAPI.ExistsError'
  /rules:
    get:
      tags:
        - rule
      summary: list rules
      operationId: rule#list
      parameters:
        - name: cursor
          in: query
          description: the pagination token
          allowEmptyValue: true
          schema:
            type: string
            description: the pagination token
        - name: limit
          in: query
          description: the maximum results to return
          allowEmptyValue: true
          schema:
            type: integer
            description: the maximum results to return
            default: 100
            format: int64
      responses:
        '200':
          description: OK response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RuleAPI.ListResp'
    post:
      tags:
        - rule
      summary: create rule
      operationId: rule#create
      parameters:
        - name: run-tests-first
          in: query
          description: set this field to false to exclude running tests prior to saving
          allowEmptyValue: true
          schema:
            type: boolean
            description: set this field to false to exclude running tests prior to saving
            default: true
        - name: run-tests-only
          in: query
          description: set this field to true if you want to run tests without saving
          allowEmptyValue: true
          schema:
            type: boolean
            description: set this field to true if you want to run tests without saving
            default: false