> ## Documentation Index
> Fetch the complete documentation index at: https://docs.endorlabs.com/llms.txt
> Use this file to discover all available pages before exploring further.
## Submitting Feedback
If you encounter incorrect, outdated, or confusing documentation on this page, submit feedback:
POST https://docs.endorlabs.com/feedback
```json
{
"path": "/api-reference/notificationtargetservice/updatenotificationtarget",
"feedback": "Description of the issue"
}
```
Only submit feedback when you have something specific and actionable to report.
# UpdateNotificationTarget
> Updates a notification target.
## OpenAPI
````yaml /api-reference/openapi.v3.json patch /v1/namespaces/{object.tenant_meta.namespace}/notification-targets
openapi: 3.0.3
info:
description: Integrate your application with Endor Labs using the REST API.
title: Endor Labs REST API Reference
version: '1.0'
servers:
- url: https://api.endorlabs.com/
security: []
tags:
- name: AISastCustomerContextService
- name: APIKeyService
- name: APIKeyValidatorService
- name: ArtifactSignatureService
- name: AuditLogService
- name: AuthenticationLogService
- name: AuthenticationService
- name: AuthorizationPolicyService
- name: BatchFileSegmentsService
- name: BatchNotificationService
- name: CallGraphDataService
- name: CodeOwnersService
- name: DependencyMetadataService
- name: EndorIgnoreEntryService
- name: ExporterService
- name: FindingLogService
- name: FindingService
- name: HuggingFaceModelService
- name: HuggingFaceOrganizationService
- name: IPAddressPolicyService
- name: IdentityProviderService
- name: InstallationService
- name: InvitationService
- name: LicenseDependencyService
- name: LicenseNoticesReportService
- name: LicenseSummaryService
- name: LinterResultService
- name: MalwareService
- name: MetricService
- name: NamespaceService
- name: NotificationService
- name: NotificationTargetService
- name: OnPremSchedulerService
- name: PRCommentConfigService
- name: PackageFirewallLogService
- name: PackageLicenseOverrideService
- name: PackageLicenseQueryService
- name: PackageLicenseService
- name: PackageManagerService
- name: PackageVersionService
- name: PluginBinaryService
- name: PolicyService
- name: PolicyTemplateService
- name: ProjectService
- name: ProvisioningResultService
- name: QueryMalwareService
- name: QueryService
- name: QuerySimilarPackagesService
- name: QueryVulnerabilityService
- name: RegistryIngestionCheckpointService
- name: RepositoryService
- name: RepositoryVersionService
- name: RuleSetImportService
- name: SBOMExportService
- name: SBOMImportService
- name: SCMCredentialService
- name: SavedQueryService
- name: ScanLogRequestService
- name: ScanProfileService
- name: ScanResultService
- name: ScanWorkflowResultService
- name: ScanWorkflowService
- name: SecretRuleService
- name: SemgrepRuleService
- name: SystemConfigService
- name: TenantService
- name: VEXExportService
- name: VectorStoreService
- name: VersionUpgradeService
- name: VulnerabilityService
paths:
/v1/namespaces/{object.tenant_meta.namespace}/notification-targets:
patch:
tags:
- NotificationTargetService
summary: UpdateNotificationTarget
description: Updates a notification target.
operationId: NotificationTargetService_UpdateNotificationTarget
parameters:
- description: >-
Namespaces are a way to organize organizational units into virtual
groupings of resources. Namespaces must be a fully qualified name,
for example, the child namespace of namespace "endor.prod" called
"app"
is called "endor.prod.app".
in: path
name: object.tenant_meta.namespace
required: true
schema:
type: string
x-endor-name: Namespace
requestBody:
content:
application/json:
schema:
$ref: >-
#/components/schemas/NotificationTargetServiceUpdateNotificationTargetBody
required: true
x-originalParamName: body
responses:
'200':
content:
application/json:
schema:
$ref: '#/components/schemas/v1NotificationTarget'
description: A successful response.
default:
content:
application/json:
schema:
$ref: '#/components/schemas/googlerpcStatus'
description: An unexpected error response.
components:
schemas:
NotificationTargetServiceUpdateNotificationTargetBody:
description: Request to update the notification target.
properties:
object:
description: Indicates actions taken when a corresponding notification is raised.
properties:
meta:
$ref: '#/components/schemas/v1Meta'
propagate:
description: >-
Indicates whether the object should be visible in the child
namespaces or not.
type: boolean
spec:
$ref: '#/components/schemas/v1NotificationTargetSpec'
tenant_meta:
description: Notification Targets are associated with a tenant.
title: Notification Targets are associated with a tenant.
type: object
uuid:
description: The UUID of the notification target.
readOnly: true
type: string
type: object
request:
$ref: '#/components/schemas/v1UpdateRequest'
required:
- meta
- spec
type: object
v1NotificationTarget:
description: Indicates actions taken when a corresponding notification is raised.
properties:
meta:
$ref: '#/components/schemas/v1Meta'
propagate:
description: >-
Indicates whether the object should be visible in the child
namespaces or not.
type: boolean
spec:
$ref: '#/components/schemas/v1NotificationTargetSpec'
tenant_meta:
$ref: '#/components/schemas/v1TenantMeta'
uuid:
description: The UUID of the notification target.
readOnly: true
type: string
required:
- meta
- spec
type: object
googlerpcStatus:
description: >-
The `Status` type defines a logical error model that is suitable for
different programming environments, including REST APIs and RPC APIs. It
is
used by [gRPC](https://github.com/grpc). Each `Status` message contains
three pieces of data: error code, error message, and error details.
You can find out more about this error model and how to work with it in
the
[API Design Guide](https://cloud.google.com/apis/design/errors).
properties:
code:
description: |-
The status code, which should be an enum value of
[google.rpc.Code][google.rpc.Code].
format: int32
type: integer
details:
description: >-
A list of messages that carry the error details. There is a common
set of
message types for APIs to use.
items:
$ref: '#/components/schemas/googleprotobufAny'
type: array
message:
description: >-
A developer-facing error message, which should be in English. Any
user-facing error message should be localized and sent in the
[google.rpc.Status.details][google.rpc.Status.details] field, or
localized
by the client.
type: string
type: object
v1Meta:
description: Common fields for all Endor Labs resources.
properties:
annotations:
additionalProperties:
type: string
description: >-
Annotations can be used to attach metadata to a resource message.
Annotation values can be small or large, structured or unstructured,
and may include characters not permitted by labels.
The keys may contain alphanumerics, underscores (_), dots (.) and
dashes
(-). The values of an annotation must be 16384 bytes or smaller.
type: object
create_time:
description: |-
Time the resource was created.
Format: 2017-01-15T01:30:15.01Z
RFC 3339: https://www.ietf.org/rfc/rfc3339.txt.
format: date-time
readOnly: true
type: string
created_by:
description: |-
Name and authentication source of the user who created the object,
for example, ewok@endor.ai@google@api-key.
readOnly: true
type: string
description:
description: Resource description. Must be less than 1024 bytes.
type: string
index_data:
$ref: '#/components/schemas/v1IndexData'
kind:
description: >-
Resource kind, for example, HelloResponse.
Auto-generated using the protobuf message
proto.MessageName().Name().
readOnly: true
type: string
name:
description: Resource name. Must be 63 characters or less.
type: string
parent_kind:
description: Parent object resource kind, for example, Project.
type: string
parent_uuid:
description: Parent object UUID.
type: string
references:
additionalProperties:
$ref: '#/components/schemas/googleprotobufAny'
description: Map of objects referenced in a query API.
readOnly: true
type: object
tags:
description: >-
List of tags attached to the resource.
Tags can be used to select objects and to find collections of
objects that
satisfy certain conditions. A tag must be 255 characters or less.
items:
type: string
type: array
update_time:
description: |-
Time the resource was last updated.
Note: Updated on all create/patch/delete operations.
Format: 2017-01-15T01:30:15.01Z
RFC 3339: https://www.ietf.org/rfc/rfc3339.txt.
format: date-time
readOnly: true
type: string
updated_by:
description: >-
Name and authentication source of the last user who updated the
object,
for example, vulnerabilityingestor@endor.ai@x509.
readOnly: true
type: string
upsert_time:
description: |-
Time the resource was last upserted.
Note:
create_time is only set the first time the resource is created.
upsert_time is set every time the resource is upseted.
Format: 2017-01-15T01:30:15.01Z
RFC 3339: https://www.ietf.org/rfc/rfc3339.txt.
format: date-time
readOnly: true
type: string
version:
description: Message version.
readOnly: true
type: string
required:
- name
type: object
v1NotificationTargetSpec:
properties:
action:
$ref: '#/components/schemas/NotificationTargetNotificationTargetAction'
custom_template:
$ref: '#/components/schemas/v1CustomTemplate'
required:
- action
type: object
v1UpdateRequest:
description: Message used for all update requests.
properties:
force:
description: |-
Force will force the update of the resource if any
checks fail.
type: boolean
update_mask:
description: Fields to update. Defaults to all fields.
type: string
type: object
v1TenantMeta:
description: Tenant related data for the tenant containing the resource.
properties:
namespace:
description: >-
Namespaces are a way to organize organizational units into virtual
groupings of resources. Namespaces must be a fully qualified name,
for example, the child namespace of namespace "endor.prod" called
"app"
is called "endor.prod.app".
type: string
required:
- namespace
type: object
googleprotobufAny:
additionalProperties: {}
description: >-
`Any` contains an arbitrary serialized protocol buffer message along
with a
URL that describes the type of the serialized message.
Protobuf library provides support to pack/unpack Any values in the form
of utility functions or additional generated methods of the Any type.
Example 1: Pack and unpack a message in C++.
Foo foo = ...;
Any any;
any.PackFrom(foo);
...
if (any.UnpackTo(&foo)) {
...
}
Example 2: Pack and unpack a message in Java.
Foo foo = ...;
Any any = Any.pack(foo);
...
if (any.is(Foo.class)) {
foo = any.unpack(Foo.class);
}
// or ...
if (any.isSameTypeAs(Foo.getDefaultInstance())) {
foo = any.unpack(Foo.getDefaultInstance());
}
Example 3: Pack and unpack a message in Python.
foo = Foo(...)
any = Any()
any.Pack(foo)
...
if any.Is(Foo.DESCRIPTOR):
any.Unpack(foo)
...
Example 4: Pack and unpack a message in Go
foo := &pb.Foo{...}
any, err := anypb.New(foo)
if err != nil {
...
}
...
foo := &pb.Foo{}
if err := any.UnmarshalTo(foo); err != nil {
...
}
The pack methods provided by protobuf library will by default use
'type.googleapis.com/full.type.name' as the type URL and the unpack
methods only use the fully qualified type name after the last '/'
in the type URL, for example "foo.bar.com/x/y.z" will yield type
name "y.z".
JSON
====
The JSON representation of an `Any` value uses the regular
representation of the deserialized, embedded message, with an
additional field `@type` which contains the type URL. Example:
package google.profile;
message Person {
string first_name = 1;
string last_name = 2;
}
{
"@type": "type.googleapis.com/google.profile.Person",
"firstName": ,
"lastName":
}
If the embedded message type is well-known and has a custom JSON
representation, that representation will be embedded adding a field
`value` which holds the custom JSON in addition to the `@type`
field. Example (for message [google.protobuf.Duration][]):
{
"@type": "type.googleapis.com/google.protobuf.Duration",
"value": "1.212s"
}
properties:
'@type':
description: >-
A URL/resource name that uniquely identifies the type of the
serialized
protocol buffer message. This string must contain at least
one "/" character. The last segment of the URL's path must represent
the fully qualified name of the type (as in
`path/google.protobuf.Duration`). The name should be in a canonical
form
(e.g., leading "." is not accepted).
In practice, teams usually precompile into the binary all types that
they
expect it to use in the context of Any. However, for URLs which use
the
scheme `http`, `https`, or no scheme, one can optionally set up a
type
server that maps type URLs to message definitions as follows:
* If no scheme is provided, `https` is assumed.
* An HTTP GET on the URL must yield a [google.protobuf.Type][]
value in binary format, or produce an error.
* Applications are allowed to cache lookup results based on the
URL, or have them precompiled into a binary to avoid any
lookup. Therefore, binary compatibility needs to be preserved
on changes to types. (Use versioned type names to manage
breaking changes.)
Note: this functionality is not currently available in the official
protobuf release, and it is not used for type URLs beginning with
type.googleapis.com. As of May 2023, there are no widely used type
server
implementations and no plans to implement one.
Schemes other than `http`, `https` (or the empty scheme) might be
used with implementation specific semantics.
type: string
type: object
v1IndexData:
description: |-
IndexData is used to index the resource for search. It's an internal
object.
properties:
data:
items:
type: string
readOnly: true
type: array
search_score:
description: >-
search_score is the score of the resource for search. Internal use
only.
format: float
readOnly: true
type: number
tenant:
readOnly: true
type: string
will_be_deleted_at:
description: Time that the resource will be deleted.
format: date-time
readOnly: true
type: string
type: object
NotificationTargetNotificationTargetAction:
properties:
action_type:
$ref: '#/components/schemas/NotificationTargetActionActionType'
email_config:
$ref: '#/components/schemas/v1EMailConfig'
exclude_endor_url:
description: >-
Excludes the URL to access the Endor Labs app which provides the
notification details.
type: boolean
github_pr_config:
$ref: '#/components/schemas/v1GitHubPRConfig'
jira_config:
$ref: '#/components/schemas/v1JIRAConfig'
public:
description: >-
Indicates if the action endpoint is public.
If the endpoint not public, then endorctl attempts to create the
action as if the endpoint is running on-prem.
type: boolean
slack_config:
$ref: '#/components/schemas/v1SlackConfig'
vanta_config:
$ref: '#/components/schemas/v1VantaConfig'
webhook_config:
$ref: '#/components/schemas/v1WebhookConfig'
required:
- action_type
type: object
v1CustomTemplate:
description: CustomTemplate is the type specific custom template.
properties:
email_template:
$ref: '#/components/schemas/v1EmailTemplate'
prcomments_template:
$ref: '#/components/schemas/v1PRCommentsTemplate'
slack_template:
$ref: '#/components/schemas/v1SlackTemplate'
template_type:
$ref: '#/components/schemas/v1CustomTemplateType'
webhook_template:
$ref: '#/components/schemas/v1WebhookTemplate'
required:
- template_type
type: object
NotificationTargetActionActionType:
default: ACTION_TYPE_UNSPECIFIED
description: |2-
- ACTION_TYPE_WEBHOOK: ACTION_TYPE_WEBHOOK indicates a webhook call action.
- ACTION_TYPE_JIRA: ACTION_TYPE_JIRA indicates a JIRA action.
- ACTION_TYPE_EMAIL: ACTION_TYPE_EMAIL indicates an email action.
- ACTION_TYPE_VANTA: ACTION_TYPE_VANTA indicates configuration of a Vanta plugin.
- ACTION_TYPE_SLACK: ACTION_TYPE_SLACK indicates a Slack integration.
- ACTION_TYPE_GITHUB_PR: ACTION_TYPE_GITHUB_PR indicates a GitHub PR action.
enum:
- ACTION_TYPE_UNSPECIFIED
- ACTION_TYPE_WEBHOOK
- ACTION_TYPE_JIRA
- ACTION_TYPE_EMAIL
- ACTION_TYPE_VANTA
- ACTION_TYPE_SLACK
- ACTION_TYPE_GITHUB_PR
type: string
v1EMailConfig:
properties:
receivers_addresses:
items:
type: string
type: array
required:
- receivers_addresses
type: object
v1GitHubPRConfig:
properties:
enabled:
type: boolean
required:
- enabled
type: object
v1JIRAConfig:
properties:
api_key:
description: The API Key to authenticate with Jira.
type: string
bearer_token:
description: The bearer token to authenticate with Jira.
type: string
cloud_id:
description: >-
The Jira Cloud ID required to route API requests through the
Atlassian API gateway.
readOnly: true
type: string
components:
description: The Components field in Jira board.
items:
type: string
type: array
custom_fields:
items:
$ref: '#/components/schemas/JIRAConfigCustomField'
title: user defined custom fields
type: array
issue_type:
$ref: '#/components/schemas/JIRAConfigJiraIssueType'
jira_issue_type:
type: string
labels:
description: The labels to apply to the Jira issue.
items:
type: string
type: array
project_key:
description: >-
The project key in which the Jira issue is raised as an action for
the notification.
type: string
resolve_state:
description: The final ticket status after resolving.
type: string
url:
description: The Jira endpoint.
type: string
use_bearer_token:
description: Denotes if we should use bearer token to authenticate with Jira.
type: boolean
user_name:
description: The user name to authenticate with Jira.
type: string
required:
- url
- project_key
- labels
type: object
v1SlackConfig:
properties:
webhook_url:
type: string
required:
- webhook_url
type: object
v1VantaConfig:
properties:
access_token_auth:
$ref: '#/components/schemas/VantaConfigVantaAccessTokenAuth'
api_key:
type: string
auth_method:
$ref: '#/components/schemas/VantaConfigVantaAuthMethod'
package_vulnerability_resource_id:
description: The Resource ID of the package vulnerability created in Vanta.
type: string
sca_resource_id:
description: >-
The Resource ID of the static code analysis vulnerabilities created
in Vanta.
type: string
vulnerable_component_resource_id:
description: The Resource ID of the vulnerable component created in Vanta.
type: string
required:
- auth_method
- vulnerable_component_resource_id
type: object
v1WebhookConfig:
properties:
api_key:
type: string
auth_method:
$ref: '#/components/schemas/WebhookConfigWebhookAuthMethod'
basic_auth:
$ref: '#/components/schemas/WebhookConfigWebhookBasicAuth'
custom_headers:
description: >-
Additional HTTP headers attached to every webhook request, evaluated
independently of auth_method. Enables forwarding to systems that
require non-Bearer auth headers (Datadog, Splunk, New Relic,
Elastic).
items:
$ref: '#/components/schemas/WebhookConfigWebhookHeader'
type: array
disable_hmac:
type: boolean
hmac_shared_secret:
type: string
url:
type: string
required:
- url
- auth_method
type: object
v1EmailTemplate:
properties:
open_action_template:
description: The template to be used for OPEN action for email plugin.
type: string
resolve_action_template:
description: The template to be used for RESOLVE action for email plugin.
type: string
update_action_template:
description: The template to be used for UPDATE action for email plugin.
type: string
type: object
v1PRCommentsTemplate:
properties:
findings_summary_template:
description: The template for the PR comment for summary of findings.
type: string
required:
- findings_summary_template
type: object
v1SlackTemplate:
properties:
open_action_template:
description: The template to be used for OPEN action for slack plugin.
type: string
update_action_template:
description: The template to be used for UPDATE action for slack plugin.
type: string
type: object
v1CustomTemplateType:
default: CUSTOM_TEMPLATE_TYPE_UNSPECIFIED
enum:
- CUSTOM_TEMPLATE_TYPE_UNSPECIFIED
- CUSTOM_TEMPLATE_TYPE_PR_COMMENTS
- CUSTOM_TEMPLATE_TYPE_EMAIL
- CUSTOM_TEMPLATE_TYPE_SLACK
- CUSTOM_TEMPLATE_TYPE_WEBHOOK
type: string
v1WebhookTemplate:
properties:
open_action_template:
description: The template to be used for OPEN action for webhook plugin.
type: string
resolve_action_template:
description: The template to be used for RESOLVE action for webhook plugin.
type: string
update_action_template:
description: The template to be used for UPDATE action for webhook plugin.
type: string
type: object
JIRAConfigCustomField:
properties:
key:
type: string
value:
type: string
required:
- key
- value
type: object
JIRAConfigJiraIssueType:
default: JIRA_ISSUE_TYPE_UNSPECIFIED
description: >-
Deprecated: This enum will not be used. A string field will be used
instead.
- JIRA_ISSUE_TYPE_TASK: Indicates a Jira task.
- JIRA_ISSUE_TYPE_BUG: Indicates a Jira Bug.
enum:
- JIRA_ISSUE_TYPE_UNSPECIFIED
- JIRA_ISSUE_TYPE_TASK
- JIRA_ISSUE_TYPE_BUG
type: string
VantaConfigVantaAccessTokenAuth:
properties:
access_token:
readOnly: true
type: string
client_id:
type: string
client_secret:
type: string
type: object
VantaConfigVantaAuthMethod:
default: VANTA_AUTH_METHOD_UNSPECIFIED
description: |2-
- VANTA_AUTH_METHOD_ACCESS_TOKEN: Uses basic username and password and retrieves an ephemeral access token for authentication.
- VANTA_AUTH_METHOD_ACCESS_API_KEY: Uses an API key provided by the user.
Note: This is just a placeholder and not yet implemented.
enum:
- VANTA_AUTH_METHOD_UNSPECIFIED
- VANTA_AUTH_METHOD_ACCESS_TOKEN
- VANTA_AUTH_METHOD_ACCESS_API_KEY
type: string
WebhookConfigWebhookAuthMethod:
default: WEBHOOK_AUTH_METHOD_UNSPECIFIED
description: |2-
- WEBHOOK_AUTH_METHOD_NONE: Uses no authentication. Not recommended.
- WEBHOOK_AUTH_METHOD_BASIC: Uses basic username and password.
- WEBHOOK_AUTH_METHOD_API_KEY: Uses an API key as credentials.
enum:
- WEBHOOK_AUTH_METHOD_UNSPECIFIED
- WEBHOOK_AUTH_METHOD_NONE
- WEBHOOK_AUTH_METHOD_BASIC
- WEBHOOK_AUTH_METHOD_API_KEY
type: string
WebhookConfigWebhookBasicAuth:
properties:
password:
type: string
username:
type: string
type: object
WebhookConfigWebhookHeader:
description: |-
A single HTTP header attached to every webhook request, regardless of
the configured auth_method. Use this for vendor-specific auth headers
(e.g., DD-API-KEY for Datadog) or arbitrary metadata headers.
properties:
name:
description: >-
Header name. Must be a valid RFC 7230 token (letters, digits, and
!#$%&'*+-.^_`|~). Reserved names (Content-Type, Authorization when
an
auth_method other than NONE is set, X-Endor-HMAC-Signature, and
hop-by-hop headers) are rejected at send time.
type: string
value:
description: |-
Header value sent verbatim. Stored as a secret (encrypted at rest,
redacted in API responses) because values often hold API keys.
type: string
required:
- name
- value
type: object
````