> ## Documentation Index
> Fetch the complete documentation index at: https://docs.devinenterprise.com/llms.txt
> Use this file to discover all available pages before exploring further.

# List Code Scan Findings

> List enterprise code scan findings

## Permissions

Requires a service user with the `ViewAccountCodeScans` permission at the enterprise level.


## OpenAPI

````yaml v3-openapi.yaml GET /v3/enterprise/code-scans/findings
openapi: 3.1.0
info:
  description: Devin v3 API with Service User authentication and RBAC
  title: Devin API v3
  version: 3.0.0
servers: []
security:
  - bearerAuth: []
paths:
  /v3/enterprise/code-scans/findings:
    get:
      tags:
        - code-scans
      summary: List Code Scan Findings
      description: >-
        List code scan findings for the enterprise account.


        Findings are returned newest first. Optionally filter by ``org_ids``,

        ``scan_id``, ``repo_name``, ``severity``, and ``status`` (``severity``
        and

        ``status`` accept multiple values); results are paginated with an opaque

        cursor (``after`` / ``first``).
      operationId: handle_list_code_scan_findings_v3_enterprise_code_scans_findings_get
      parameters:
        - in: query
          name: after
          required: false
          schema:
            anyOf:
              - type: string
              - type: 'null'
            title: After
        - in: query
          name: first
          required: false
          schema:
            default: 100
            maximum: 200
            minimum: 1
            title: First
            type: integer
        - description: Filter to findings in these organizations.
          in: query
          name: org_ids
          required: false
          schema:
            anyOf:
              - items:
                  type: string
                type: array
              - type: 'null'
            description: Filter to findings in these organizations.
            title: Org Ids
        - description: Filter to findings produced by this scan.
          in: query
          name: scan_id
          required: false
          schema:
            anyOf:
              - type: string
              - type: 'null'
            description: Filter to findings produced by this scan.
            title: Scan Id
        - description: Filter to findings reported in this repository.
          in: query
          name: repo_name
          required: false
          schema:
            anyOf:
              - type: string
              - type: 'null'
            description: Filter to findings reported in this repository.
            title: Repo Name
        - description: >-
            Filter to findings with any of these severities (critical, high,
            medium, low).
          in: query
          name: severity
          required: false
          schema:
            anyOf:
              - items:
                  enum:
                    - critical
                    - high
                    - medium
                    - low
                  type: string
                type: array
              - type: 'null'
            description: >-
              Filter to findings with any of these severities (critical, high,
              medium, low).
            title: Severity
        - description: >-
            Filter to findings with any of these statuses (open, dismissed,
            resolved).
          in: query
          name: status
          required: false
          schema:
            anyOf:
              - items:
                  enum:
                    - open
                    - dismissed
                    - resolved
                  type: string
                type: array
              - type: 'null'
            description: >-
              Filter to findings with any of these statuses (open, dismissed,
              resolved).
            title: Status
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: >-
                  #/components/schemas/PaginatedResponse_CodeScanFindingResponse_
          description: Successful Response
        '422':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/HTTPValidationError'
          description: Validation Error
components:
  schemas:
    PaginatedResponse_CodeScanFindingResponse_:
      properties:
        end_cursor:
          anyOf:
            - type: string
            - type: 'null'
          description: Cursor to fetch the next page, or None if this is the last page.
          title: End Cursor
        has_next_page:
          default: false
          description: Whether there are more items available after this page.
          title: Has Next Page
          type: boolean
        items:
          items:
            $ref: '#/components/schemas/CodeScanFindingResponse'
          title: Items
          type: array
        total:
          anyOf:
            - type: integer
            - type: 'null'
          description: Optional total count (can be omitted for performance).
          title: Total
      required:
        - items
      title: PaginatedResponse[CodeScanFindingResponse]
      type: object
    HTTPValidationError:
      properties:
        detail:
          items:
            $ref: '#/components/schemas/ValidationError'
          title: Detail
          type: array
      title: HTTPValidationError
      type: object
    CodeScanFindingResponse:
      description: A single code scan finding.
      properties:
        category:
          anyOf:
            - type: string
            - type: 'null'
          description: Category (rule name) the finding was classified under, if any.
          title: Category
        code_owners:
          description: Code owners associated with the affected code.
          items:
            type: string
          title: Code Owners
          type: array
        created_at:
          description: When the finding was created (unix seconds).
          title: Created At
          type: integer
        description:
          anyOf:
            - type: string
            - type: 'null'
          description: Detailed description of the vulnerability, if any.
          title: Description
        finding_id:
          description: Unique identifier for the finding.
          title: Finding Id
          type: string
        note:
          anyOf:
            - type: string
            - type: 'null'
          description: Additional note attached to the finding, if any.
          title: Note
        orchestrator_session_id:
          anyOf:
            - type: string
            - type: 'null'
          description: >-
            Orchestrator session that ran the scan that produced the finding
            (the scan's Devin session), if any.
          title: Orchestrator Session Id
        pr_url:
          anyOf:
            - type: string
            - type: 'null'
          description: URL of the remediation PR opened for this finding, if any.
          title: Pr Url
        recommendation:
          anyOf:
            - type: string
            - type: 'null'
          description: Suggested remediation for the finding, if any.
          title: Recommendation
        reference_snippets:
          description: Code snippets referenced by the finding as supporting evidence.
          items:
            $ref: '#/components/schemas/CodeScanReferenceSnippetResponse'
          title: Reference Snippets
          type: array
        repo_name:
          description: Repository the finding was reported in.
          title: Repo Name
          type: string
        scan_id:
          description: Identifier of the scan that produced the finding.
          title: Scan Id
          type: string
        session_id:
          anyOf:
            - type: string
            - type: 'null'
          description: Session that remediated the finding (and opened the PR), if any.
          title: Session Id
        severity:
          description: 'Severity of the finding: critical, high, medium, or low.'
          enum:
            - critical
            - high
            - medium
            - low
          title: Severity
          type: string
        status:
          description: 'Finding status: open, dismissed, or resolved.'
          enum:
            - open
            - dismissed
            - resolved
          title: Status
          type: string
        title:
          anyOf:
            - type: string
            - type: 'null'
          description: Title of the finding, if any.
          title: Title
      required:
        - finding_id
        - title
        - description
        - recommendation
        - note
        - code_owners
        - reference_snippets
        - severity
        - category
        - repo_name
        - pr_url
        - scan_id
        - session_id
        - orchestrator_session_id
        - status
        - created_at
      title: CodeScanFindingResponse
      type: object
    ValidationError:
      properties:
        loc:
          items:
            anyOf:
              - type: string
              - type: integer
          title: Location
          type: array
        msg:
          title: Message
          type: string
        type:
          title: Error Type
          type: string
      required:
        - loc
        - msg
        - type
      title: ValidationError
      type: object
    CodeScanReferenceSnippetResponse:
      description: A code snippet referenced by a finding as supporting evidence.
      properties:
        code:
          anyOf:
            - type: string
            - type: 'null'
          description: The referenced source code, if captured.
          title: Code
        commentary:
          description: Explanation of why this snippet is relevant to the finding.
          title: Commentary
          type: string
        end_line:
          description: Last line of the referenced range.
          title: End Line
          type: integer
        file_path:
          description: Path to the referenced file.
          title: File Path
          type: string
        start_line:
          description: First line of the referenced range.
          title: Start Line
          type: integer
      required:
        - file_path
        - start_line
        - end_line
        - commentary
      title: CodeScanReferenceSnippetResponse
      type: object
  securitySchemes:
    bearerAuth:
      description: 'Service User credential (prefix: cog_)'
      scheme: bearer
      type: http

````