PATCH /api/findings/{id}/severity
Update the severity classification of a security finding. This operation creates a finding event to track the change history.
This endpoint requires authentication. The change will be recorded with the authenticated user’s ID.

Path Parameters

id (string, required)
The unique UUID of the finding to update

Request Body

severity (string, required)
The new severity level for the finding. Must be one of:
  • critical - Requires immediate attention
  • high - Significant risk, prioritize remediation
  • medium - Moderate risk
  • low - Minor risk or informational
{
  "severity": "high"
}

Response

Returns the updated finding information and the event that was created to track this change.
data (object)
{
  "success": true,
  "data": {
    "finding_id": "123e4567-e89b-12d3-a456-426614174000",
    "old_severity": "medium",
    "new_severity": "high",
    "event": {
      "id": "987e6543-e89b-12d3-a456-426614174999",
      "finding_id": "123e4567-e89b-12d3-a456-426614174000",
      "user_id": "555e5555-e89b-12d3-a456-426614175555",
      "event_type": "severity_change",
      "old_value": "medium",
      "new_value": "high",
      "comment": null,
      "metadata": null,
      "created_at": "2026-03-12T14:30:00Z"
    }
  }
}

Error Responses

404 Not Found

Returned when the specified finding does not exist.
{
  "success": false,
  "code": 404,
  "message": "Finding '123e4567-e89b-12d3-a456-426614174000' not found"
}

500 Internal Server Error

Returned when the update fails or the event cannot be recorded.
{
  "success": false,
  "code": 500,
  "message": "Failed to update severity: database connection error"
}
{
  "success": false,
  "code": 500,
  "message": "Severity updated but failed to record event: database error"
}
If the severity is updated successfully but the event recording fails, the finding will still have the new severity value. The error message will indicate this partial success.
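
A client-side sketch of handling these outcomes, added here as an example and not part of the API's own code: it validates the request, checks that the returned event matches the change, and separates the partial-success 500 from a plain failure. The function names are hypothetical, and it assumes a 2xx status on success and that the partial-success message keeps the prefix shown above.

```python
import json
import uuid

ALLOWED = {"critical", "high", "medium", "low"}
# Assumption: the partial-success message keeps the prefix shown above.
PARTIAL_PREFIX = "Severity updated but failed to record event"


def build_request(finding_id: str, severity: str) -> dict:
    """Validate inputs client-side and return the request to send."""
    fid = str(uuid.UUID(finding_id))  # ValueError on a malformed id
    if severity not in ALLOWED:
        raise ValueError(f"severity must be one of {sorted(ALLOWED)}")
    return {"method": "PATCH",
            "path": f"/api/findings/{fid}/severity",
            "body": json.dumps({"severity": severity})}


def classify_response(status: int, body: dict, finding_id: str, severity: str) -> str:
    """Map a response to an outcome the caller can act on."""
    if status == 404:
        return "not_found"
    if status == 500 and str(body.get("message", "")).startswith(PARTIAL_PREFIX):
        # Severity already changed but no event exists: do not retry
        # blindly; report the gap in the change history instead.
        return "updated_without_event"
    if not 200 <= status < 300:  # assumption: success is a 2xx status
        return "failed"
    data = body.get("data") or {}
    event = data.get("event") or {}
    consistent = (
        body.get("success") is True
        and data.get("finding_id") == finding_id == event.get("finding_id")
        and data.get("new_severity") == severity == event.get("new_value")
        and data.get("old_severity") == event.get("old_value")
        and event.get("event_type") == "severity_change"
        and bool(event.get("user_id"))
    )
    return "updated" if consistent else "inconsistent"
```

An "updated_without_event" result means the finding's severity changed with no entry in its change history, so it is worth logging on the client side for later reconciliation.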
