Fetch Cipher–TLS Version Mapping from Discovery Execution
The API enables users to fetch cipher–TLS version mappings for each discovery execution, along with metadata such as the discovery execution ID, start and end times, and target endpoints. It applies to the discovery types IPRANGE, SUBNET, and NETWORK.
Before you begin
- The user should have DISCOVERY_CREATE_EDIT as ACF permission.
Request Structure
| Endpoint: | /certificate/discovery/instance?discoveryName=<name> |
| Type: | GET |
| Sample URL: | To understand the elements of the sample URL, see References. |
| Headers | |
| Content-Type: | application/json |
| Name | Description |
|---|---|
| sessionId | (Mandatory) Session ID received after login. Type: String. Constraints: Required if username and password are not provided. |
| userName | (Mandatory) Username that is configured in AppViewX. Type: String |
| password | (Mandatory) Password of that user. Type: String |
| content-type | (Mandatory) Payload content-type with application/json value. Type: String. Constraint: The value must be application/json. |
| gwsource | (Mandatory) The source from which the request is triggered, e.g., external. Type: String |
| discoveryName (Header) | (Mandatory) Name of the discovery instance. Type: String |
| skip (Header) | (Optional) Start index from which the response entries are made available. For example, if the response has to skip the first 100 and show the next 50, then the start index has to be 101. Type: Integer. Constraint: Default value is 0. |
| limit (Header) | (Optional) The number of entries from the start index to be made available. For example, if the response is expected to have skipped the first 100 and show the next 50, then the start index has to be 101 and max has to be 50. Type: Integer. Constraint: Default value is 100 and max value is 100. |
Response Structure
The response is a string of type application/json with the following body parameters:
| Name | Description |
|---|---|
| response | Contains the response attributes. Type: A JSON object |
| vulnerabilityRecords | Vulnerability Records. Type: Array |
| columnHeader | null |
| data | Certificate metadata. Type: Array of Certificate json String |
| totalRecords | Total number of records available for this discovery. Helps with pagination until all records are fetched. |
| executionTime | Execution time of the request. |
| iTotalDisplayRecords | Total number of records in the specified discoveryInstance. |
| headers | null |
| appStatusCode | Application specific status code for the response. It is a non-null value for a failure response. Type: String |
| tags | null |
| response | Contains the response attributes. Type: JSON object |
| vulnerabilityRecords | List of vulnerability records for each scanned IP/port. Type: Array |
| ip | IP address of the scanned endpoint. Type: String |
| port | Port number used for scanning. Type: Integer |
| cipherSuites | Map of cipher names, each carrying a ::TLS version suffix, to their strength levels. Type: Object |
| sslCiphers | List of individual cipher objects. Type: Array |
| name | Name of the cipher suite. Type: String |
| strength | Security strength classification (for example, HIGH, UNKNOWN). Type: String |
| protocolVersion | TLS protocol version (for example, TLSv1.2, TLSv1.3). Type: String |
| tlsSslVersions | TLS versions and their overall security rating. Type: Object |
| cipherFetchStatus | Status of the cipher fetching operation. Type: String |
| hostName | Resolved hostname (if available). Type: String or null |
| group | null |
| certificateUuid | null |
| message | Any messages returned for the endpoint. Type: Array of Strings |
| cvss | null |
| columnHeader | null |
| totalRecords | Total number of vulnerability records available for this discovery. Useful for pagination. Type: Integer |
| executionTime | Time taken to execute the request. |
| iTotalDisplayRecords | Total number of vulnerability records available for this discovery. Useful for pagination. Type: Integer |
| discoveryEndTime | End Time of Discovery in GMT. Type: String |
| headers | null |
| appStatusCode | Application specific status code for the response. It is a non-null value for a failure response. Type: String |
| tags | Metadata or upstream error tags. Type: Object |
| message | Error message (if any). Type: String or null |
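
As an added example (not AppViewX code), the Python below walks the pages of this response and audits each record's `cipherSuites` map, keeping `UNKNOWN` ratings separate from weak ones. `fetch_page`, the finding labels, the deprecated-protocol spellings and the sample data are assumptions, and `skip` is assumed to count records already read.

```python
import json

# Constructed page in the documented shape; the TLSv1.1 entry and its "LOW"
# rating are invented for illustration, 192.0.2.10 is a documentation address.
PAGE = json.loads("""{"appStatusCode": null, "response": {"totalRecords": 1,
 "vulnerabilityRecords": [{"ip": "192.0.2.10", "port": 443,
  "cipherFetchStatus": "Success", "cipherSuites": {
   "TLS_AKE_WITH_AES_128_GCM_SHA256::TLSv1.3": "UNKNOWN",
   "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256::TLSv1.2": "HIGH",
   "TLS_RSA_WITH_AES_128_CBC_SHA::TLSv1.1": "LOW"}}]}}""")

# Assumed label spellings for retired protocols, modelled on "TLSv1.2".
DEPRECATED = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.0", "TLSv1.1"}

def iter_records(fetch_page, limit=100):
    """Yield every record. fetch_page(skip, limit) is a caller-supplied
    (hypothetical) function returning one parsed response body."""
    skip = 0
    while True:
        body = fetch_page(skip, limit)
        if body.get("appStatusCode") is not None:  # non-null marks a failure
            raise RuntimeError(f"{body['appStatusCode']}: {body.get('message')}")
        records = body["response"].get("vulnerabilityRecords") or []
        yield from records
        skip += len(records)
        if not records or skip >= body["response"]["totalRecords"]:
            return

def audit(record):
    """Return (label, text) findings for one scanned ip/port."""
    where = f"{record['ip']}:{record['port']}"
    if record.get("cipherFetchStatus") != "Success":
        return [("incomplete", f"{where} cipher fetch status {record.get('cipherFetchStatus')}")]
    findings = []
    for key, strength in sorted((record.get("cipherSuites") or {}).items()):
        cipher, sep, version = key.rpartition("::")  # "NAME::TLSvX"
        if not sep:
            findings.append(("malformed", f"{where} {key}"))
        elif version in DEPRECATED:
            findings.append(("deprecated-protocol", f"{where} {version} {cipher}"))
        elif strength == "UNKNOWN":  # unrated by the scanner, not proven weak
            findings.append(("unrated", f"{where} {version} {cipher}"))
        elif strength != "HIGH":
            findings.append(("weak-cipher", f"{where} {version} {cipher}"))
    return findings

if __name__ == "__main__":
    for rec in iter_records(lambda skip, limit: PAGE):
        for label, text in audit(rec):
            print(label, text)
```
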
Status Codes
| HTTP Code | appStatusCode | Response Message |
|---|---|---|
| 202 Accepted | NA | Accepted. |
| 400 Bad Request | ERR_DISC_DISCOVERY_HISTORY_RETRIVAL | Error while retrieving discovery history. Remediation: Discovery name passed in the request should be present in the database. |
| 400 Bad Request | NO_RECORDS_FOUND | No matching records found. Remediation: Discovery name passed in the request should be present in the system. |
| 417 Expectation failed | MANDATORY_QUERY_PARAM_MISSING | Mandatory query param is missing or invalid. Remediation: The parameter <discoveryName> must be present in the URL request. |
| 417 Expectation failed | CERT-FV-001 | Invalid query param found for discoveryName. Remediation: The discoveryName value should be a minimum of 2 characters. |
| 500 Internal Server Error | avx-common-011 | Error while processing. |
Sample Request/Response
```json
{
  "response": {
    "vulnerabilityRecords": [
      {
        "certificateUuid": null,
        "ip": "192.168.224.5",
        "port": 443,
        "cipherSuites": {
          "TLS_AKE_WITH_AES_128_GCM_SHA256::TLSv1.3": "UNKNOWN",
          "TLS_AKE_WITH_AES_256_GCM_SHA384::TLSv1.3": "UNKNOWN",
          "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256::TLSv1.2": "HIGH",
          "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256::TLSv1.2": "HIGH",
          "TLS_AKE_WITH_CHACHA20_POLY1305_SHA256::TLSv1.3": "UNKNOWN",
          "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384::TLSv1.2": "HIGH"
        },
        "sslCiphers": [
          {
            "name": "TLS_AKE_WITH_AES_128_GCM_SHA256",
            "strength": "UNKNOWN",
            "protocolVersion": "TLSv1.3"
          },
          {
            "name": "TLS_AKE_WITH_AES_256_GCM_SHA384",
            "strength": "UNKNOWN",
            "protocolVersion": "TLSv1.3"
          },
          {
            "name": "TLS_AKE_WITH_CHACHA20_POLY1305_SHA256",
            "strength": "UNKNOWN",
            "protocolVersion": "TLSv1.3"
          },
          {
            "name": "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
            "strength": "HIGH",
            "protocolVersion": "TLSv1.2"
          },
          {
            "name": "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
            "strength": "HIGH",
            "protocolVersion": "TLSv1.2"
          },
          {
            "name": "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
            "strength": "HIGH",
            "protocolVersion": "TLSv1.2"
          }
        ],
        "hostName": null,
        "group": null,
        "tlsSslVersions": {
          "TLSv1.3": "HIGH",
          "TLSv1.2": "HIGH"
        },
        "cipherFetchStatus": "Success",
        "message": [],
        "cvss": null
      }
    ],
    "columnHeader": null,
    "totalRecords": 1,
    "executionTime": 15,
    "iTotalDisplayRecords": 1,
    "discoveryStartTime": "06/17/25 07:24:16",
    "discoveryEndTime": "06/17/25 07:34:09"
  },
  "message": null,
  "appStatusCode": null,
  "tags": {},
  "headers": null
}
```
References
- IP/HostName/TenantName: Replace with the actual IP address, hostname, or tenant name based on the specific configuration in AppViewX.
  - IP: A unique identifier assigned to each device connected to a computer network that uses the Internet Protocol for communication. The IP address will be included in the endpoint URL for an on-prem deployment.
  - HostName: A human-readable label assigned to a device (host) on a network. The hostname will be included in the endpoint URL for an on-prem deployment.
  - TenantName: An identifier label for a tenant given to indicate which tenant's data the API request will access/modify. The tenant name will be included in the endpoint URL for a SaaS deployment.
- GWPORT: AppViewX gateway port. A gateway port refers to a network port through which data is sent and received to communicate with a gateway in an on-prem deployment. Example: 31443
- avxapi: Path parameter value (static) that is part of the endpoint's URL.
- Endpoint: Endpoint of the API, for example: execute-hook
- gwsource: Source or origin of a gateway, for example: external.
