> ## Documentation Index
> Fetch the complete documentation index at: https://docs.devinenterprise.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Remediate Code Scan Finding

> Launch a Devin session to remediate a code scan finding

## Permissions

Requires a service user with the `UseAccountCodeScans` permission at the enterprise level.

## Behavior

Launches a Devin session to remediate the specified code scan finding: the session analyzes the vulnerable code, implements a fix, and opens a pull request. The session is attributed to the calling principal (the service user or PAT that made the request).

Returns `409 Conflict` if the finding already has a remediation session.


## OpenAPI

````yaml v3-openapi.yaml POST /v3/enterprise/organizations/{org_id}/code-scans/{scan_id}/findings/{finding_id}/remediate
openapi: 3.1.0
info:
  description: Devin v3 API with Service User authentication and RBAC
  title: Devin API v3
  version: 3.0.0
servers: []
security:
  - bearerAuth: []
paths:
  /v3/enterprise/organizations/{org_id}/code-scans/{scan_id}/findings/{finding_id}/remediate:
    post:
      tags:
        - code-scans
      summary: Remediate Code Scan Finding
      description: >-
        Launch a Devin session to remediate a code scan finding.


        The session analyzes the vulnerable code, implements a fix, and opens a

        pull request. The session is attributed to the calling principal (the

        service user or PAT that made the request). Returns ``409`` if the
        finding

        already has a remediation session.
      operationId: >-
        handle_remediate_code_scan_finding_v3_enterprise_organizations__org_id__code_scans__scan_id__findings__finding_id__remediate_post
      parameters:
        - description: 'Organization ID (prefix: org-)'
          in: path
          name: org_id
          required: true
          schema:
            example: org-abc123def456
            title: Org Id
            type: string
        - in: path
          name: scan_id
          required: true
          schema:
            title: Scan Id
            type: string
        - in: path
          name: finding_id
          required: true
          schema:
            title: Finding Id
            type: string
      responses:
        '201':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RemediateFindingResponse'
          description: Successful Response
        '422':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/HTTPValidationError'
          description: Validation Error
components:
  schemas:
    RemediateFindingResponse:
      description: The remediation session launched for a code scan finding.
      properties:
        finding_id:
          description: The finding that is being remediated.
          title: Finding Id
          type: string
        session_id:
          description: ID of the Devin session launched to remediate the finding.
          title: Session Id
          type: string
      required:
        - finding_id
        - session_id
      title: RemediateFindingResponse
      type: object
    HTTPValidationError:
      properties:
        detail:
          items:
            $ref: '#/components/schemas/ValidationError'
          title: Detail
          type: array
      title: HTTPValidationError
      type: object
    ValidationError:
      properties:
        loc:
          items:
            anyOf:
              - type: string
              - type: integer
          title: Location
          type: array
        msg:
          title: Message
          type: string
        type:
          title: Error Type
          type: string
      required:
        - loc
        - msg
        - type
      title: ValidationError
      type: object
  securitySchemes:
    bearerAuth:
      description: 'Service User credential (prefix: cog_)'
      scheme: bearer
      type: http

````