Products API¶
Manage software inventory products via the API.
List Products¶
Retrieve a paginated list of software products in your inventory.
Query Parameters¶
| Parameter | Type | Description |
|---|---|---|
page | integer | Page number (default: 1) |
per_page | integer | Items per page (default: 50, max: 200) |
search | string | Search by product name |
vendor | string | Filter by vendor |
criticality | integer | Filter by criticality (1-5) |
has_vulnerabilities | boolean | Only show products with matched CVEs |
organization_id | integer | Filter by organization |
sort | string | Sort field: name, vendor, created_at, criticality |
order | string | Sort order: asc or desc |
Example¶
curl "https://sentrikat.example.com/api/products?vendor=Microsoft&has_vulnerabilities=true&per_page=10" \
-H "Authorization: Bearer <token>"
Response¶
{
"items": [
{
"id": 1,
"name": "Microsoft Edge",
"version": "120.0.2210.91",
"vendor": "Microsoft Corporation",
"cpe": "cpe:2.3:a:microsoft:edge:120.0.2210.91:*:*:*:*:*:*:*",
"criticality": 3,
"asset_count": 45,
"vulnerability_count": 2,
"organization_id": 1,
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-02-01T08:00:00Z"
}
],
"total": 156,
"page": 1,
"per_page": 10,
"pages": 16
}
Get Product¶
Retrieve a single product by ID.
Response¶
{
"id": 1,
"name": "Microsoft Edge",
"version": "120.0.2210.91",
"vendor": "Microsoft Corporation",
"cpe": "cpe:2.3:a:microsoft:edge:120.0.2210.91:*:*:*:*:*:*:*",
"criticality": 3,
"asset_count": 45,
"vulnerability_count": 2,
"organization_id": 1,
"assets": [
{"id": 1, "hostname": "ws-001"},
{"id": 2, "hostname": "ws-002"}
],
"vulnerabilities": [
{"cve_id": "CVE-2024-0001", "severity": "high"}
],
"created_at": "2024-01-15T10:30:00Z",
"updated_at": "2024-02-01T08:00:00Z"
}
Create Product¶
Manually add a product to the inventory.
POST /api/products
Authorization: Bearer <token>
Content-Type: application/json
{
"name": "Custom Application",
"version": "2.1.0",
"vendor": "Internal",
"cpe": "cpe:2.3:a:internal:custom_application:2.1.0:*:*:*:*:*:*:*",
"criticality": 4,
"organization_id": 1
}
Response¶
{
"id": 157,
"name": "Custom Application",
"version": "2.1.0",
"vendor": "Internal",
"cpe": "cpe:2.3:a:internal:custom_application:2.1.0:*:*:*:*:*:*:*",
"criticality": 4,
"organization_id": 1,
"created_at": "2024-02-01T12:00:00Z"
}
Update Product¶
Update product details.
PATCH /api/products/{id}
Authorization: Bearer <token>
Content-Type: application/json
{
"criticality": 5,
"cpe": "cpe:2.3:a:internal:custom_application:2.1.0:*:*:*:*:*:*:*"
}
Delete Product¶
Remove a product from the inventory.
Response: 204 No Content
Warning
Deleting a product removes all associated vulnerability matches. Asset associations are preserved in history.
Bulk Operations¶
Bulk Import¶
Import multiple products at once:
POST /api/products/bulk
Authorization: Bearer <token>
Content-Type: application/json
{
"products": [
{"name": "nginx", "version": "1.24.0", "vendor": "F5, Inc."},
{"name": "PostgreSQL", "version": "15.4", "vendor": "PostgreSQL Global Development Group"}
],
"organization_id": 1
}
Bulk Delete¶
DELETE /api/products/bulk
Authorization: Bearer <token>
Content-Type: application/json
{
"ids": [10, 11, 12]
}
Product Criticality¶
Criticality levels determine alert priority:
| Level | Label | Description |
|---|---|---|
| 1 | Low | Non-critical utility software |
| 2 | Medium | Standard business applications |
| 3 | High | Important infrastructure |
| 4 | Critical | Core business systems |
| 5 | Essential | Security-critical, internet-facing |