Update Security Findings Public API docs (#3586)

api-clients-generation-pipeline[bot] · ci.datadog-api-spec · web-flow · commit 5838037387ba · 2026-01-09T21:35:00.000Z
Co-authored-by: ci.datadog-api-spec &lt;packages@datadoghq.com&gt;
diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml
@@ -82195,13 +82195,6 @@ paths:
       description: 'Get a list of security findings that match a search query.
 
 
-        This endpoint requires one of the following permissions:
-
-        - `security_monitoring_findings_read`
-
-        - `appsec_vm_read`
-
-
         ### Query Syntax
 
 
@@ -82264,8 +82257,6 @@ paths:
         appKeyAuth: []
       - AuthZ:
         - security_monitoring_findings_read
-      - AuthZ:
-        - appsec_vm_read
       summary: List security findings
       tags:
       - Security Monitoring
@@ -82279,9 +82270,6 @@ paths:
         permissions:
         - security_monitoring_findings_read
         - appsec_vm_read
-      x-unstable: '**Note**: This endpoint is in beta and subject to change.
-
-        If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
   /api/v2/security/findings/cases:
     delete:
       description: 'Detach security findings from their case.
@@ -82506,13 +82494,6 @@ paths:
       description: 'Get a list of security findings that match a search query.
 
 
-        This endpoint requires one of the following permissions:
-
-        - `security_monitoring_findings_read`
-
-        - `appsec_vm_read`
-
-
         ### Query Syntax
 
 
@@ -82546,8 +82527,6 @@ paths:
         appKeyAuth: []
       - AuthZ:
         - security_monitoring_findings_read
-      - AuthZ:
-        - appsec_vm_read
       summary: Search security findings
       tags:
       - Security Monitoring
@@ -82562,9 +82541,6 @@ paths:
         permissions:
         - security_monitoring_findings_read
         - appsec_vm_read
-      x-unstable: '**Note**: This endpoint is in beta and subject to change.
-
-        If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
   /api/v2/security/sboms:
     get:
       description: 'Get a list of assets SBOMs for an organization.
diff --git a/api/datadog/configuration.go b/api/datadog/configuration.go
@@ -688,14 +688,12 @@ func NewConfiguration() *Configuration {
 			"v2.ListFindings":                            false,
 			"v2.ListMultipleRulesets":                    false,
 			"v2.ListScannedAssetsMetadata":               false,
-			"v2.ListSecurityFindings":                    false,
 			"v2.ListSecurityMonitoringHistsignals":       false,
 			"v2.ListThreatHuntingJobs":                   false,
 			"v2.ListVulnerabilities":                     false,
 			"v2.ListVulnerableAssets":                    false,
 			"v2.MuteFindings":                            false,
 			"v2.RunThreatHuntingJob":                     false,
-			"v2.SearchSecurityFindings":                  false,
 			"v2.SearchSecurityMonitoringHistsignals":     false,
 			"v2.CreateDataset":                           false,
 			"v2.DeleteDataset":                           false,
diff --git a/api/datadogV2/api_security_monitoring.go b/api/datadogV2/api_security_monitoring.go
@@ -4875,10 +4875,6 @@ func (r *ListSecurityFindingsOptionalParameters) WithSort(sort SecurityFindingsS
 // ListSecurityFindings List security findings.
 // Get a list of security findings that match a search query.
 //
-// This endpoint requires one of the following permissions:
-// - `security_monitoring_findings_read`
-// - `appsec_vm_read`
-//
 // ### Query Syntax
 //
 // This endpoint uses the logs query syntax. Findings attributes (living in the custom. namespace) are prefixed by @ when queried. Tags are queried without a prefix.
@@ -4899,15 +4895,6 @@ func (a *SecurityMonitoringApi) ListSecurityFindings(ctx _context.Context, o ...
 		optionalParams = o[0]
 	}
 
-	operationId := "v2.ListSecurityFindings"
-	isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId)
-	if !isOperationEnabled {
-		return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)}
-	}
-	if isOperationEnabled && a.Client.Cfg.Debug {
-		_log.Printf("WARNING: Using unstable operation '%s'", operationId)
-	}
-
 	localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.ListSecurityFindings")
 	if err != nil {
 		return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()}
@@ -7079,10 +7066,6 @@ func (a *SecurityMonitoringApi) RunThreatHuntingJob(ctx _context.Context, body R
 // SearchSecurityFindings Search security findings.
 // Get a list of security findings that match a search query.
 //
-// This endpoint requires one of the following permissions:
-// - `security_monitoring_findings_read`
-// - `appsec_vm_read`
-//
 // ### Query Syntax
 //
 // The API uses the logs query syntax. Findings attributes (living in the custom. namespace) are prefixed by @ when queried. Tags are queried without a prefix.
@@ -7095,15 +7078,6 @@ func (a *SecurityMonitoringApi) SearchSecurityFindings(ctx _context.Context, bod
 		localVarReturnValue ListSecurityFindingsResponse
 	)
 
-	operationId := "v2.SearchSecurityFindings"
-	isOperationEnabled := a.Client.Cfg.IsUnstableOperationEnabled(operationId)
-	if !isOperationEnabled {
-		return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: _fmt.Sprintf("Unstable operation '%s' is disabled", operationId)}
-	}
-	if isOperationEnabled && a.Client.Cfg.Debug {
-		_log.Printf("WARNING: Using unstable operation '%s'", operationId)
-	}
-
 	localBasePath, err := a.Client.Cfg.ServerURLWithContext(ctx, "v2.SecurityMonitoringApi.SearchSecurityFindings")
 	if err != nil {
 		return localVarReturnValue, nil, datadog.GenericOpenAPIError{ErrorMessage: err.Error()}
diff --git a/examples/v2/security-monitoring/ListSecurityFindings.go b/examples/v2/security-monitoring/ListSecurityFindings.go
@@ -15,7 +15,6 @@ import (
 func main() {
 	ctx := datadog.NewDefaultContext(context.Background())
 	configuration := datadog.NewConfiguration()
-	configuration.SetUnstableOperationEnabled("v2.ListSecurityFindings", true)
 	apiClient := datadog.NewAPIClient(configuration)
 	api := datadogV2.NewSecurityMonitoringApi(apiClient)
 	resp, r, err := api.ListSecurityFindings(ctx, *datadogV2.NewListSecurityFindingsOptionalParameters())
diff --git a/examples/v2/security-monitoring/ListSecurityFindings_2925663885.go b/examples/v2/security-monitoring/ListSecurityFindings_2925663885.go
@@ -15,7 +15,6 @@ import (
 func main() {
 	ctx := datadog.NewDefaultContext(context.Background())
 	configuration := datadog.NewConfiguration()
-	configuration.SetUnstableOperationEnabled("v2.ListSecurityFindings", true)
 	apiClient := datadog.NewAPIClient(configuration)
 	api := datadogV2.NewSecurityMonitoringApi(apiClient)
 	resp, r, err := api.ListSecurityFindings(ctx, *datadogV2.NewListSecurityFindingsOptionalParameters().WithPageLimit(5))
diff --git a/examples/v2/security-monitoring/SearchSecurityFindings.go b/examples/v2/security-monitoring/SearchSecurityFindings.go
@@ -22,7 +22,6 @@ func main() {
 	}
 	ctx := datadog.NewDefaultContext(context.Background())
 	configuration := datadog.NewConfiguration()
-	configuration.SetUnstableOperationEnabled("v2.SearchSecurityFindings", true)
 	apiClient := datadog.NewAPIClient(configuration)
 	api := datadogV2.NewSecurityMonitoringApi(apiClient)
 	resp, r, err := api.SearchSecurityFindings(ctx, body)
diff --git a/examples/v2/security-monitoring/SearchSecurityFindings_3678541639.go b/examples/v2/security-monitoring/SearchSecurityFindings_3678541639.go
@@ -25,7 +25,6 @@ func main() {
 	}
 	ctx := datadog.NewDefaultContext(context.Background())
 	configuration := datadog.NewConfiguration()
-	configuration.SetUnstableOperationEnabled("v2.SearchSecurityFindings", true)
 	apiClient := datadog.NewAPIClient(configuration)
 	api := datadogV2.NewSecurityMonitoringApi(apiClient)
 	resp, r, err := api.SearchSecurityFindings(ctx, body)
diff --git a/tests/scenarios/features/v2/security_monitoring.feature b/tests/scenarios/features/v2/security_monitoring.feature
@@ -1323,23 +1323,20 @@ Feature: Security Monitoring
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: List security findings returns "Bad Request" response
-    Given operation "ListSecurityFindings" enabled
-    And new "ListSecurityFindings" request
+    Given new "ListSecurityFindings" request
     And request contains "page[cursor]" parameter with value "invalid_cursor"
     When the request is sent
     Then the response status is 400 Bad Request
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: List security findings returns "OK" response
-    Given operation "ListSecurityFindings" enabled
-    And new "ListSecurityFindings" request
+    Given new "ListSecurityFindings" request
     When the request is sent
     Then the response status is 200 OK
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: List security findings returns "OK" response with pagination
-    Given operation "ListSecurityFindings" enabled
-    And new "ListSecurityFindings" request
+    Given new "ListSecurityFindings" request
     And request contains "page[limit]" parameter with value 5
     When the request is sent
     Then the response status is 200 OK
@@ -1602,24 +1599,21 @@ Feature: Security Monitoring
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: Search security findings returns "Bad Request" response
-    Given operation "SearchSecurityFindings" enabled
-    And new "SearchSecurityFindings" request
+    Given new "SearchSecurityFindings" request
     And body with value {"page": {"cursor": "invalid_cursor"}}
     When the request is sent
     Then the response status is 400 Bad Request
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: Search security findings returns "OK" response
-    Given operation "SearchSecurityFindings" enabled
-    And new "SearchSecurityFindings" request
+    Given new "SearchSecurityFindings" request
     And body with value {"data": {"attributes": {"filter": "@severity:(critical OR high)"}}}
     When the request is sent
     Then the response status is 200 OK
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform @with-pagination
   Scenario: Search security findings returns "OK" response with pagination
-    Given operation "SearchSecurityFindings" enabled
-    And new "SearchSecurityFindings" request
+    Given new "SearchSecurityFindings" request
     And body with value {"data": {"attributes": {"filter": "@severity:(critical OR high)", "page": {"limit": 1}}}}
     When the request is sent
     Then the response status is 200 OK

Original file line number	Diff line number	Diff line change
`@@ -22,7 +22,6 @@ func main() {`
`22`	`22`	`}`
`23`	`23`	`ctx := datadog.NewDefaultContext(context.Background())`
`24`	`24`	`configuration := datadog.NewConfiguration()`
`25`		`- configuration.SetUnstableOperationEnabled("v2.SearchSecurityFindings", true)`
`26`	`25`	`apiClient := datadog.NewAPIClient(configuration)`
`27`	`26`	`api := datadogV2.NewSecurityMonitoringApi(apiClient)`
`28`	`27`	`resp, r, err := api.SearchSecurityFindings(ctx, body)`
Original file line number	Diff line number	Diff line change
`@@ -25,7 +25,6 @@ func main() {`
`25`	`25`	`}`
`26`	`26`	`ctx := datadog.NewDefaultContext(context.Background())`
`27`	`27`	`configuration := datadog.NewConfiguration()`
`28`		`- configuration.SetUnstableOperationEnabled("v2.SearchSecurityFindings", true)`
`29`	`28`	`apiClient := datadog.NewAPIClient(configuration)`
`30`	`29`	`api := datadogV2.NewSecurityMonitoringApi(apiClient)`
`31`	`30`	`resp, r, err := api.SearchSecurityFindings(ctx, body)`