Retrieving and Exporting CWE Records with Aspen Adapt API
Use the Aspen Reporting API to retrieve, filter, and export CWE findings for integration with BI, analytics, and security reporting platforms.
Retrieving CWE Records
Authenticate with your Aspen API key, as described in this article.
Security Journey Aspen Adapt API
https://api.securityjourney.com/integrations/cwes
| Method | GET |
| Requires | API Key with Read permissions |
Query Parameters
|
Field |
Type |
Required |
Description |
pageSize |
integer | No | Number of items per page (default: 100, max: 1000) |
page |
integer | No | Page number (default: 1) |
sortBy |
string | No | createdAt, cwe, username, gitRepo, or gitCommitterEmail (default: createdAt) |
sortOrder |
string | No | asc or desc (default: desc) |
emails |
array of strings | No | Limit results to these committer emails |
cwes |
array of integers | No | Limit results to these pull/merge request numbers |
dateFrom |
timestamp | No | Inclusive lower bound on createdAt (e.g. `2025-01-01T00:00:00Z`) |
dateTo |
timestamp | No | Inclusive upper bound on createdAt (e.g. `2025-12-31T23:59:59Z`) |
dedupeBy |
array of strings | No | Collapses results to one row per dedup group. Each element names a grouping field. Recognized values: gitCommitterEmail, gitRepo. Must always include gitCommitterEmail. Examples: dedupeBy=gitCommitterEmail (group by cwe + email) or dedupeBy=gitCommitterEmail&dedupeBy=gitRepo (group by cwe + email + repo). Omit for raw undeduplicated results. |
Note: Query parameters and POST body fields also accept snake_case (e.g. page_size, git_repos) — both casings work. Response fields are always camelCase.
Response Body
| Field | Type | Description |
cwes |
array of CWE |
Matching CWE records for the page requested |
totalCount |
integer | Total number of records matching the filters |
page |
integer | Page number returned |
pageSize |
integer | Page size used |
totalPages |
integer | Total number of pages available |
filters |
object | emails, cwes, gitRepos, and prNumbers distinct values available for this tenant |
Each CWE record contains: username, cwe, gitRepo, gitCommitterEmail, directoryUuid, gitHeadSha, prNumber, createdAt, firstSeen, lastSeen, occurrenceCount.
Note on deduplication: When dedupeBy is set, totalCount and totalPages reflect the number of distinct groups matching the filters, not the total raw findings. The firstSeen and lastSeen fields show the time range of all findings collapsed into each group, and occurrenceCount shows how many raw findings were collapsed. When dedupeBy is omitted, occurrenceCount is always `1` and firstSeen/lastSeen equal createdAt.
Example cURL Request
bash
curl -X GET "https://api.securityjourney.com/integrations/cwes?page=1&pageSize=100&sortBy=createdAt&sortOrder=desc" \
-H "Authorization: Bearer {API token}"
Filtering by repository and PR number (repeat the parameter for multiple values):
bash
curl -X GET "https://api.securityjourney.com/integrations/cwes?gitRepos=my-org/my-service&prNumbers=42" \
-H "Authorization: Bearer {API token}"
Deduplicating by committer email (one row per CWE + email):
bash
curl -X GET "https://api.securityjourney.com/integrations/cwes?dedupeBy=gitCommitterEmail" \
-H "Authorization: Bearer {API token}"
Deduplicating by committer email and repository (repeat the parameter):
bash
curl -X GET "https://api.securityjourney.com/integrations/cwes?dedupeBy=gitCommitterEmail&dedupeBy=gitRepo" \
-H "Authorization: Bearer {API token}"```
Exporting CWE Records
Authenticate with your Aspen API key, as described above.
https://api.securityjourney.com/integrations/cwes/export
| Method | GET |
| Requires | API Key with Read permissions |
Returns all CWE records for the tenant as a gzip-compressed CSV. The response body is the raw gzip-compressed CSV data — not a JSON object.
Note: Requests must include an Accept-Encoding header containing gzip, or the API returns 406 Not Acceptable.
Response Headers
| Header |
Value |
Content-Type |
text/csv |
Content-Encoding |
gzip |
Content-Disposition |
attachment; filename=cwes.csv |
Example cURL Request
bash
curl -X GET "https://api.securityjourney.com/integrations/cwes/export" \
-H "Authorization: Bearer {API token}" \
-H "Accept-Encoding: gzip" \
-o cwes.csv.gz
The CSV header row is: cwe, username, gitCommitterEmail, gitRepo, prNumber, gitHeadSha, createdAt.
Summary
The Aspen API provides endpoints for retrieving and exporting CWE (Common Weakness Enumeration) records associated with your organization. Using the /integrations/cwes endpoint, you can filter results by date range, committer email, CWE ID, repository, and pull request number, while also supporting sorting, pagination, and optional deduplication. Responses include detailed CWE metadata such as repository information, committer email, occurrence counts, and timestamps. For large-scale analysis and reporting, the /integrations/cwes/export endpoint allows you to download all CWE records as a gzip-compressed CSV file containing key finding details for further processing.