CG Scanning API V2
latest
  • latest
  • 5.2.0
  • 5.3.0
HomeDocs
HomeDocs
latest
  • latest
  • 5.2.0
  • 5.3.0
  1. Authentication
  • Getting Started
  • Authentication
  • Common Error Responses
  • Filtering Data
  • Authentication
    • User Confirmation
      • Confirm a User
      • Show confirmation form
    • User Invitation
      • Accept an invitation
      • Pre-Accept invitation check
    • Password Reset
      • Forgot Password
      • Reset Password
    • Impersonation
      • Impersonate user
      • Impersonate user
    • MFA
      • Check 2fa
      • Send SMS OTP
    • Sign in authentication
      POST
    • Sign in with recovery code
      POST
    • Sign out authentication
      DELETE
    • SSO Link login
      GET
  • Targets
    • List targets
      GET
    • Create Target
      POST
    • Show a target
      GET
    • Updates a target
      PUT
    • Delete a target
      DELETE
    • Delete targets
      DELETE
  • Scans
    • Scan Histories
      • List of history for a scan
      • History details for a scan
    • Scan Hosts
      • List of hosts for a scan
      • Host details for a scan
    • Scan Vulnerabilities
      • List of vulnerabilities for a scan
      • Show vulnerability details
      • Statistics for a scan
    • List scans
      GET
    • Create Scan
      POST
    • Show a scan
      GET
    • Updates a scan
      PUT
    • Delete a scan
      DELETE
    • Delete scans
      DELETE
    • Start a scan
      POST
    • Stop a scan
      POST
    • List upcoming scans
      GET
    • List recent scans that have been completed
      GET
    • List of the running scans
      GET
    • Create Scan from Wizard
      POST
  • Reports
    • List Reports
    • Show a report
    • Delete a report
    • Delete reports
    • Generates a report file
    • Downloads a report file
    • Check if a report file exists
    • Verifies file integrity by comparing hashes
  • Vulnerabilities
    • List of vulnerabilities
    • Vulnerability details
    • Total Vulnerabilities (widget)
    • Top Vulnerabilities (widget)
    • PCI Compliant (widget)
    • Send prompt about a given Vulnerability
    • Chat history about a given Vulnerability
  • Exceptions
    • List Exceptions
    • Create Exception
    • Update Exception
    • Show an exception
    • Delete an exception
    • Show exception details
    • Delete exceptions
    • Activate exceptions
    • Reset exceptions
    • Show the exceptions statistics
  • Schedules
    • List Schedules
    • Create Schedule
    • Updates a schedule
    • Show a schedule
    • Delete a schedule
    • Delete schedules
    • Calculate First Time Schedule Date
    • Calculate Next Schedule Dates
  • Webhooks
    • Deliveries
      • List all deliveries for a webhook
      • Get a delivery for a webhook
    • List all webhooks
    • Create a webhook
    • Show a webhook
    • Update a webhook
    • Delete a webhook
    • Activate a webhook
    • Deactivate a webhook
  • Advanced Reports
    • List Advanced Reports
    • Create an advanced report
    • Show an advanced report
    • Update an advanced report
    • Delete an advanced report
    • Delete advanced reports
    • Generates an advanced report file
    • Downloads an advanced report file
  • Audit
    • Get all events
    • Get event by id
  • Notifications
    • List Notifications
    • Show a notification
    • Delete a notification
    • Mark as read a notification
    • Mark as seen a notification
    • Mark as read all notifications
    • Mark as seen all notifications
  • Hosts
    • List of hosts
    • Host details
    • List of most vulnerable hosts
  • Scanners
    • List scanners
    • Create scanner
    • Show scanner
    • Update scanner
    • Delete scanner
    • List activated scanners
    • Activate scanner
    • Deactivate scanner
    • Update scanner app type
    • Assign a scanner to an organization
    • Verify a scanner
  • Port Lists
    • List port lists
    • Create a port list
    • Show a port list
    • Update a port list
    • Delete a port list
    • List activated port lists
    • Add a port range to a port list
    • Delete a port range to a port list
    • Activate a port list
    • Deactivate a port list
    • Updates the app_type of a port list
    • Sync the a port lists
  • User
    • User 2FA
      • Enable 2FA
      • Verify 2FA installation
      • Disable 2FA
      • Lookup phone number
      • Default 2FA method
      • Generate Recovery Codes
      • Get Recovery Codes
    • User Preferences
      • Get users notification preferences
      • Change users product
      • Enable user's event notification preference
      • Disable user's event notification preference
    • Get current user
    • Update current user
    • Change current user password
    • Get current user active plans (Not implemented yet)
    • Get organization members
    • Get current user products
    • Get current organization
    • Update current organization
    • Get subscriptions history
    • Change users product
    • Checks if authorization token is valid
    • Get current user permissions
    • Check if the user can be deleted
    • Delete my account
    • Generates a new access token
    • Revokes the current access token
    • Transfers all the resources from the user to another user
  • Organizations
    • Organization Subscriptions
      • Retrieves all subscriptions of organization
      • Retrieves all active subscriptions of organization
      • Show a subscription of organization
      • Update organization's subscription
      • Assign features to a subscription
      • Revoke features from a subscription
    • Subscribe to a plan
    • List organizations
    • Create Organization
    • List dependent subscriptions
    • Retrieve an organization
    • Update an organization
    • Delete an organization
    • Subscribe an organization to a plan
    • Unsubscribe an organization from a plan
    • Change users Organization
    • Export organizations
  • Users
    • List Users
    • Create User
    • Show User
    • Update User
    • Delete a User
    • Create Customer
    • Invite User
    • Resend Confirmation Instructions
    • Import Users
    • Check if a user can be deleted
    • Inherit all the resources from a user
    • Export all users to a CSV file
    • Set partner
    • Unset partner
  • Whitelabel Settings
    • Show the white label settings
    • Show the white label settings
    • Update white label settings
  1. Authentication

Sign in authentication

POST
/auth/sign_in
Last modified:2025-09-01 18:52:30
This endpoint allows users to authenticate using their username and password.
Depending on whether the user has Two-Factor Authentication (2FA) enabled,
the authentication flow will vary:
1.
Without 2FA: Provide the username and password in the request. Upon successful authentication,
the endpoint will return an authentication token to be used in subsequent requests.
2.
With 2FA:
First, provide the username and password in the request.
The endpoint will not return a token immediately.
Instead, it will return an otp_session_state, which represents the current 2FA session.
Next, use the same endpoint (/auth/sign_in) with the following parameters: otp_attempt
and otp_session_state.
Upon successful 2FA verification, the endpoint will return the authentication token.

Request

Authorization
API Key
Add parameter in header
x-api-key
Example:
x-api-key: ********************
or
Body Params application/json

Examples

Responses

🟢200OK
application/json
Successful Sign In
Body

🟠401Unauthorized
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST '/auth/sign_in' \
--header 'x-api-key: <api-key>' \
--header 'Content-Type: application/json' \
--data-raw '{
    "username": "alice",
    "password": "secret123"
}'
Response Response Example
200 - Example 1
{
    "status": 200,
    "status_text": "OK",
    "username": "john_doe",
    "token": "string",
    "sign_in_count": 10,
    "role": "User",
    "timezone": "UTC",
    "verified": true,
    "provider": "email",
    "organization": {
        "uuid": "095be615-a8ad-4c33-8e9c-c7612fbf6c9f",
        "name": "Example Organization"
    }
}
Modified at 2025-09-01 18:52:30
Previous
Send SMS OTP
Next
Sign in with recovery code
Built with