Security Journey API v3
Security Journey provides Program Administrators access to a RESTful API; this can be used to generate custom reports within a BI tool or pull reporting metrics into your Learning Managment System (LMS) building management reports.
Generating an API Key
You must be a Security Journey Admin to have access to the API key generator. Keep in mind, if you are already using the v2 API and have an API key, the existing keys will work with the v3 API.
To generate a new API Key you will go to More > Admin > Settings > API. Follow the steps below:
-
Name your key
-
Click Generate
-
Copy the key and store it in a safe place
-
Click "Done"
If you don't click "Done" the key will not be saved and will be invalid. You should see this screen if the API Key was generated successfully.
Use this API key to authenticate against the v3 API by providing it in the Authorization header as a bearer token.
For example: Authorization: Bearer {my API token}
API Documentation
The v3 API route is: https://my.securityjourney.com/api/v3/public-reporting/{endpoint}
The available endpoints are:
| Function | Endpoint |
| Users progress in their levels and paths | /api/v3/public-reporting/enrollments |
| Users Details |
/api/v3/public-reporting/users |
| Users progress in assignments |
/api/v3/public-reporting/assignments |
| Users lesson attempt data (lessons started & completed) | /api/v3/public-reporting/lesson-attempts |
| Users progress in their paths |
/api/v3/public-reporting/progress |
| Users Champion Passport activity details |
/api/v3/public-reporting/activities |
Our v3 API has improved query and filtering parameters, such as text search, status filtering, date range filtering, include/exclude archived users, etc.
*June 2025 Update: We've increased the row limit to 10,000 and added data to the response that tells you how many rows there are and which rows your request has returned.
Example Responses
Optional Fields: company, jobRole, securityChampion (as seen below) will be included in the API response if they are uploaded to the Security Journey Platform. See article Learner Attributes for more details.
GET https://my.securityjourney.com/api/v3/public-reporting/enrollments
{
"enrollments":[
{
"user":{
"email":"john_smith@securityjourney.com",
"firstName":"John",
"lastName":"Smith",
"totalPoints":0,
"securityChampion":"f",
"archived":true,
"archivedAt":"2024-04-09T13:45:43.355836Z"
},
"levelEnrollment":{
"levelName":"Foundational",
"levelType":"level",
"status":"in_progress",
"totalLessons":7,
"passedLessons":0,
"pointsEarned":0,
"updatedAt":"2024-01-22T13:46:24.193Z",
"createdAt":"2024-01-22T13:46:24.193Z"
},
"pathEnrollment":{
"pathName":"HackEDU: OWASP API Top 10",
"status":""
}
}
GET https://my.securityjourney.com/api/v3/public-reporting/users
{
"email":"john_smith@securityjourney.com",
"firstName":"John",
"lastName":"Smith",
"totalPoints":0,
"securityChampion":"f",
"archived":true,
"archivedAt":"2023-12-15T19:48:33.630916Z"
}
GET https://my.securityjourney.com/api/v3/public-reporting/assignments
{
"assignments":[
{
"user":{
"email":"john_smith@securityjourney.com",
"firstName":"John",
"lastName":"Smith",
"totalPoints":2767,
"company":"SecurityJourney",
"jobRole":"Sr. Devops Engineer",
"businessUnit":"DevOps",
"team":"DevOps",
"securityChampion":"false",
"timeSpent":"49h1m50.000000s"
},
"assignmentName":"Annual Compliance Training",
"pathName":"Content Engineering 2024",
"dueDate":"2025-05-30T23:59:59Z",
"passedLessons":0,
"totalLessons":14,
"status":"overdue"
}
GET https://my.securityjourney.com/api/v3/public-reporting/lesson-attempts
{
"user":{
"email":"john_smith@securityjourney.com",
"firstName":"John",
"lastName":"Smith",
"totalPoints":16069,
"securityChampion":"f",
"archived":true,
"archivedAt":"2023-12-15T19:49:55.539130Z",
"timeSpent":"4h52m25.000000s"
},
"lessonName":"Ruby Static Code Analysis",
"difficulty":"advanced",
"length":"9m",
"status":"passed",
"questions":10,
"correctAnswers":8,
"watchedVideo":"watched",
"readTranscript":"not read",
"startedAt":"2023-02-24T21:07:45.715429Z",
"createdAt":"2023-02-24T21:07:45.567756Z",
"updatedAt":"2023-02-24T21:14:52.087774Z"
}
GET https://my.securityjourney.com/api/v3/public-reporting/progress
{
"user":{
"email":"john_smith@securityjourney.com",
"firstName":"John",
"lastName":"Smith",
"totalPoints":0,
"company":"Security Journey",
"jobRole":"Web Developer",
"securityChampion":"false",
"archived":true,
"archivedAt":"2024-11-13T19:12:31.140936Z"
},
"pathName":"HackEDU: OWASP API Top 10",
"levelName":"Foundational",
"status":"not_started",
"requiredLessons":7,
"requiredLessonsPassed":0,
"lessonsPassed":0,
"allLessons":7,
"startedAt":"2024-03-21T20:26:46.371061Z",
"lastEngagement":"2024-03-21T20:26:46.371061Z",
"createdAt":"2024-03-21T20:26:46.371061Z",
"updatedAt":"2024-07-12T10:54:49.217408Z",
"timeSpent":"0h0m0s",
"pathArchived":true,
"pathArchivedAt":"2024-11-13T19:12:31.140936Z"
}
GET https://my.securityjourney.com/api/v3/public-reporting/activities
{
"activities":[
{
"user":{
"email":"john_smith@securityjourney.com",
"firstName":"John",
"lastName":"Smith",
"totalPoints":16069,
"archived":true,
"archivedAt":"2023-12-15T19:49:55.539130Z",
"timeSpent":"4h52m25.000000s"
},
"text":"Teach by delivering a presentation or talk for my group",
"description":"Presentation about side channel attacks. Explains what a side channel attack is, gives some examples, and gives examples relevant to AWS. Provides a technical explanation of how a side channel attack like spectre can work.",
"points":3,
"status":"in_progress",
"levelName":"Professional",
"createdAt":"2023-06-16T18:35:52.208612Z",
"updatedAt":"2023-06-22T18:55:32.418682Z"
}
Note: "status" : "abandoned" means that the user has switched paths. In the Platform UI, it will be displayed as "paused."
If you would like to review our postman collection or swagger documentation, please email support@securityjourney.com and we can send you the files directly.