> ## Documentation Index > Fetch the complete documentation index at: https://www.c1.ai/docs/llms.txt > Use this file to discover all available pages before exploring further. # Search > Search findings using full-text query and filters for severity, state, type, and app. ## OpenAPI ````yaml https://spec.speakeasy.com/conductor-one/conductorone/my-source-with-code-samples post /api/v1/findings/search openapi: 3.1.0 info: description: The C1 API is a HTTP API for managing C1 resources. title: C1 API version: 0.1.0-alpha servers: - description: The C1 API server for the current tenant. url: https://{tenantDomain}.conductor.one variables: tenantDomain: default: example description: The domain of the tenant to use for this request. security: - bearerAuth: [] oauth: [] paths: /api/v1/findings/search: post: tags: - Findings summary: Search description: >- Search findings using full-text query and filters for severity, state, type, and app. operationId: c1.api.finding.v1.FindingSearchService.Search requestBody: content: application/json: schema: $ref: '#/components/schemas/c1.api.finding.v1.FindingSearchRequest' responses: '200': content: application/json: schema: $ref: '#/components/schemas/c1.api.finding.v1.FindingSearchResponse' description: Successful response x-codeSamples: - lang: go label: Search source: "package main\n\nimport(\n\t\"context\"\n\t\"github.com/conductorone/conductorone-sdk-go/pkg/models/shared\"\n\tconductoronesdkgo \"github.com/conductorone/conductorone-sdk-go\"\n\t\"log\"\n)\n\nfunc main() {\n ctx := context.Background()\n\n s := conductoronesdkgo.New(\n conductoronesdkgo.WithSecurity(shared.Security{\n BearerAuth: \"\",\n Oauth: \"\",\n }),\n )\n\n res, err := s.FindingSearch.Search(ctx, nil)\n if err != nil {\n log.Fatal(err)\n }\n if res.FindingSearchResponse != nil {\n // handle response\n }\n}" - lang: typescript label: Typescript (SDK) source: >- import { ConductoroneSDKTypescript } from "conductorone-sdk-typescript"; const conductoroneSDKTypescript = new ConductoroneSDKTypescript({ security: { bearerAuth: "", oauth: "", }, }); async function run() { const result = await conductoroneSDKTypescript.findingSearch.search(); console.log(result); } run(); components: schemas: c1.api.finding.v1.FindingSearchRequest: description: The FindingSearchRequest message. properties: appIds: description: Filter by app IDs (OR within field). items: type: string nullable: true readOnly: false type: array appUserIds: description: |- Filter by app user IDs (OR within field). Matches findings whose target.app_user_target.app_user_id is in this list. items: type: string nullable: true readOnly: false type: array findingTypes: description: Filter by finding type discriminators (OR within field). items: type: string nullable: true readOnly: false type: array pageSize: description: Maximum number of findings to return per page. format: int32 readOnly: false type: integer pageToken: description: Pagination token from a previous response. readOnly: false type: string query: description: Free text search query. readOnly: false type: string severities: description: Filter by severities (OR within field). items: enum: - FINDING_SEVERITY_UNSPECIFIED - FINDING_SEVERITY_INFO - FINDING_SEVERITY_LOW - FINDING_SEVERITY_MEDIUM - FINDING_SEVERITY_HIGH - FINDING_SEVERITY_CRITICAL type: string x-speakeasy-unknown-values: allow nullable: true readOnly: false type: array states: description: Filter by states (OR within field). items: enum: - FINDING_STATE_UNSPECIFIED - FINDING_STATE_OPEN - FINDING_STATE_IN_PROGRESS - FINDING_STATE_RESOLVED - FINDING_STATE_SNOOZED - FINDING_STATE_RISK_ACCEPTED - FINDING_STATE_SUPPRESSED type: string x-speakeasy-unknown-values: allow nullable: true readOnly: false type: array title: Finding Search Request type: object x-speakeasy-name-override: FindingSearchRequest c1.api.finding.v1.FindingSearchResponse: description: The FindingSearchResponse message. properties: list: description: The list field. items: $ref: '#/components/schemas/c1.api.finding.v1.Finding' nullable: true readOnly: false type: array nextPageToken: description: The nextPageToken field. readOnly: false type: string title: Finding Search Response type: object x-speakeasy-name-override: FindingSearchResponse c1.api.finding.v1.Finding: description: > The Finding message. This message contains a oneof named finding_type. Only a single field of the following list may be set at a time: - similarUsernameMatch - serviceAccountMisclassification This message contains a oneof named target. Only a single field of the following list may be set at a time: - identityUserTarget - appUserTarget This message contains a oneof named evidence. Only a single field of the following list may be set at a time: - similarUsernameMatchEvidence - serviceAccountMisclassificationEvidence properties: appId: description: The appId field. readOnly: false type: string appUserTarget: $ref: '#/components/schemas/c1.api.finding.v1.AppUserTarget' assignedOwner: $ref: '#/components/schemas/c1.api.finding.v1.FindingOwnerRef' computedOwner: $ref: '#/components/schemas/c1.api.finding.v1.FindingOwnerRef' createdAt: format: date-time readOnly: false type: string customTags: additionalProperties: type: string description: The customTags field. readOnly: false type: object fingerprint: description: The fingerprint field. readOnly: false type: string firstObservedAt: format: date-time readOnly: false type: string id: description: The id field. readOnly: false type: string identityUserTarget: $ref: '#/components/schemas/c1.api.finding.v1.IdentityUserTarget' lastObservedAt: format: date-time readOnly: false type: string recurrenceCount: description: The recurrenceCount field. format: uint32 readOnly: false type: integer remediationDescription: description: The remediationDescription field. readOnly: false type: string resolvedAt: format: date-time readOnly: false type: string riskAcceptanceExpiresAt: format: date-time readOnly: false type: string riskAcceptanceJustification: description: The riskAcceptanceJustification field. readOnly: false type: string riskScore: $ref: '#/components/schemas/c1.api.finding.v1.FindingRiskScore' serviceAccountMisclassification: $ref: >- #/components/schemas/c1.api.finding.v1.ServiceAccountMisclassificationType serviceAccountMisclassificationEvidence: $ref: >- #/components/schemas/c1.api.finding.v1.ServiceAccountMisclassificationEvidence severity: description: The severity field. enum: - FINDING_SEVERITY_UNSPECIFIED - FINDING_SEVERITY_INFO - FINDING_SEVERITY_LOW - FINDING_SEVERITY_MEDIUM - FINDING_SEVERITY_HIGH - FINDING_SEVERITY_CRITICAL readOnly: false type: string x-speakeasy-unknown-values: allow similarUsernameMatch: $ref: '#/components/schemas/c1.api.finding.v1.SimilarUsernameMatchType' similarUsernameMatchEvidence: $ref: '#/components/schemas/c1.api.finding.v1.SimilarUsernameMatchEvidence' snoozeReason: description: The snoozeReason field. readOnly: false type: string snoozeUntil: format: date-time readOnly: false type: string sourceDetectorId: description: The sourceDetectorId field. readOnly: false type: string state: description: The state field. enum: - FINDING_STATE_UNSPECIFIED - FINDING_STATE_OPEN - FINDING_STATE_IN_PROGRESS - FINDING_STATE_RESOLVED - FINDING_STATE_SNOOZED - FINDING_STATE_RISK_ACCEPTED - FINDING_STATE_SUPPRESSED readOnly: false type: string x-speakeasy-unknown-values: allow stateUpdatedById: description: The stateUpdatedById field. readOnly: false type: string suppressReason: description: The suppressReason field. readOnly: false type: string taskId: description: The taskId field. readOnly: false type: string updatedAt: format: date-time readOnly: false type: string title: Finding type: object x-speakeasy-name-override: Finding c1.api.finding.v1.AppUserTarget: description: The AppUserTarget message. nullable: true properties: appId: description: The appId field. readOnly: false type: string appUserId: description: The appUserId field. readOnly: false type: string title: App User Target type: object x-speakeasy-name-override: AppUserTarget c1.api.finding.v1.FindingOwnerRef: description: > The FindingOwnerRef message. This message contains a oneof named owner. Only a single field of the following list may be set at a time: - identityUserId - appOwnerAppId - managerOfUserId - userSetId properties: appOwnerAppId: description: >- The appOwnerAppId field. This field is part of the `owner` oneof. See the documentation for `c1.api.finding.v1.FindingOwnerRef` for more details. nullable: true readOnly: false type: string identityUserId: description: >- The identityUserId field. This field is part of the `owner` oneof. See the documentation for `c1.api.finding.v1.FindingOwnerRef` for more details. nullable: true readOnly: false type: string managerOfUserId: description: >- The managerOfUserId field. This field is part of the `owner` oneof. See the documentation for `c1.api.finding.v1.FindingOwnerRef` for more details. nullable: true readOnly: false type: string userSetId: description: >- The userSetId field. This field is part of the `owner` oneof. See the documentation for `c1.api.finding.v1.FindingOwnerRef` for more details. nullable: true readOnly: false type: string title: Finding Owner Ref type: object x-speakeasy-name-override: FindingOwnerRef c1.api.finding.v1.IdentityUserTarget: description: The IdentityUserTarget message. nullable: true properties: identityUserId: description: The identityUserId field. readOnly: false type: string title: Identity User Target type: object x-speakeasy-name-override: IdentityUserTarget c1.api.finding.v1.FindingRiskScore: description: The FindingRiskScore message. properties: originalScore: description: The originalScore field. format: uint32 readOnly: false type: integer overrideByUserId: description: The overrideByUserId field. readOnly: false type: string overrideScore: description: The overrideScore field. format: uint32 readOnly: false type: integer riskFactors: description: The riskFactors field. items: $ref: '#/components/schemas/c1.api.finding.v1.FindingRiskFactor' nullable: true readOnly: false type: array score: description: The score field. format: uint32 readOnly: false type: integer systemScore: description: The systemScore field. format: uint32 readOnly: false type: integer title: Finding Risk Score type: object x-speakeasy-name-override: FindingRiskScore c1.api.finding.v1.ServiceAccountMisclassificationType: description: The ServiceAccountMisclassificationType message. nullable: true properties: currentAccountType: description: The currentAccountType field. enum: - APP_USER_TYPE_UNSPECIFIED - APP_USER_TYPE_USER - APP_USER_TYPE_SERVICE_ACCOUNT - APP_USER_TYPE_SYSTEM_ACCOUNT readOnly: false type: string x-speakeasy-unknown-values: allow detectedAccountType: description: The detectedAccountType field. enum: - APP_USER_TYPE_UNSPECIFIED - APP_USER_TYPE_USER - APP_USER_TYPE_SERVICE_ACCOUNT - APP_USER_TYPE_SYSTEM_ACCOUNT readOnly: false type: string x-speakeasy-unknown-values: allow title: Service Account Misclassification Type type: object x-speakeasy-name-override: ServiceAccountMisclassificationType c1.api.finding.v1.ServiceAccountMisclassificationEvidence: description: The ServiceAccountMisclassificationEvidence message. nullable: true properties: detectionReason: description: The detectionReason field. readOnly: false type: string title: Service Account Misclassification Evidence type: object x-speakeasy-name-override: ServiceAccountMisclassificationEvidence c1.api.finding.v1.SimilarUsernameMatchType: description: The SimilarUsernameMatchType message. nullable: true properties: proposedIdentityUserId: description: The proposedIdentityUserId field. readOnly: false type: string title: Similar Username Match Type type: object x-speakeasy-name-override: SimilarUsernameMatchType c1.api.finding.v1.SimilarUsernameMatchEvidence: description: The SimilarUsernameMatchEvidence message. nullable: true properties: appUsername: description: The appUsername field. readOnly: false type: string identityUsername: description: The identityUsername field. readOnly: false type: string similarityScore: description: The similarityScore field. readOnly: false type: number title: Similar Username Match Evidence type: object x-speakeasy-name-override: SimilarUsernameMatchEvidence c1.api.finding.v1.FindingRiskFactor: description: The FindingRiskFactor message. properties: description: description: The description field. readOnly: false type: string name: description: The name field. readOnly: false type: string severity: description: The severity field. enum: - FINDING_SEVERITY_UNSPECIFIED - FINDING_SEVERITY_INFO - FINDING_SEVERITY_LOW - FINDING_SEVERITY_MEDIUM - FINDING_SEVERITY_HIGH - FINDING_SEVERITY_CRITICAL readOnly: false type: string x-speakeasy-unknown-values: allow weight: description: The weight field. format: uint32 readOnly: false type: integer title: Finding Risk Factor type: object x-speakeasy-name-override: FindingRiskFactor securitySchemes: bearerAuth: scheme: bearer type: http oauth: description: >- This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the [c1TokenSource.Token()](https://github.com/ConductorOne/conductorone-sdk-go/blob/3375fe7c0126d17e7ec4e711693dee7b791023aa/token_source.go#L101-L187) function. flows: clientCredentials: scopes: {} tokenUrl: /auth/v1/token type: oauth2 ````