Update Security Findings Public API docs (#3253)

api-clients-generation-pipeline[bot] · ci.datadog-api-spec · web-flow · commit 6160f2faac23 · 2026-01-09T21:34:42.000Z
Co-authored-by: ci.datadog-api-spec &lt;packages@datadoghq.com&gt;
diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml
@@ -82195,13 +82195,6 @@ paths:
       description: 'Get a list of security findings that match a search query.
 
 
-        This endpoint requires one of the following permissions:
-
-        - `security_monitoring_findings_read`
-
-        - `appsec_vm_read`
-
-
         ### Query Syntax
 
 
@@ -82264,8 +82257,6 @@ paths:
         appKeyAuth: []
       - AuthZ:
         - security_monitoring_findings_read
-      - AuthZ:
-        - appsec_vm_read
       summary: List security findings
       tags:
       - Security Monitoring
@@ -82279,9 +82270,6 @@ paths:
         permissions:
         - security_monitoring_findings_read
         - appsec_vm_read
-      x-unstable: '**Note**: This endpoint is in beta and subject to change.
-
-        If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
   /api/v2/security/findings/cases:
     delete:
       description: 'Detach security findings from their case.
@@ -82506,13 +82494,6 @@ paths:
       description: 'Get a list of security findings that match a search query.
 
 
-        This endpoint requires one of the following permissions:
-
-        - `security_monitoring_findings_read`
-
-        - `appsec_vm_read`
-
-
         ### Query Syntax
 
 
@@ -82546,8 +82527,6 @@ paths:
         appKeyAuth: []
       - AuthZ:
         - security_monitoring_findings_read
-      - AuthZ:
-        - appsec_vm_read
       summary: Search security findings
       tags:
       - Security Monitoring
@@ -82562,9 +82541,6 @@ paths:
         permissions:
         - security_monitoring_findings_read
         - appsec_vm_read
-      x-unstable: '**Note**: This endpoint is in beta and subject to change.
-
-        If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
   /api/v2/security/sboms:
     get:
       description: 'Get a list of assets SBOMs for an organization.
diff --git a/features/v2/security_monitoring.feature b/features/v2/security_monitoring.feature
@@ -1323,23 +1323,20 @@ Feature: Security Monitoring
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: List security findings returns "Bad Request" response
-    Given operation "ListSecurityFindings" enabled
-    And new "ListSecurityFindings" request
+    Given new "ListSecurityFindings" request
     And request contains "page[cursor]" parameter with value "invalid_cursor"
     When the request is sent
     Then the response status is 400 Bad Request
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: List security findings returns "OK" response
-    Given operation "ListSecurityFindings" enabled
-    And new "ListSecurityFindings" request
+    Given new "ListSecurityFindings" request
     When the request is sent
     Then the response status is 200 OK
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: List security findings returns "OK" response with pagination
-    Given operation "ListSecurityFindings" enabled
-    And new "ListSecurityFindings" request
+    Given new "ListSecurityFindings" request
     And request contains "page[limit]" parameter with value 5
     When the request is sent
     Then the response status is 200 OK
@@ -1602,24 +1599,21 @@ Feature: Security Monitoring
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: Search security findings returns "Bad Request" response
-    Given operation "SearchSecurityFindings" enabled
-    And new "SearchSecurityFindings" request
+    Given new "SearchSecurityFindings" request
     And body with value {"page": {"cursor": "invalid_cursor"}}
     When the request is sent
     Then the response status is 400 Bad Request
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: Search security findings returns "OK" response
-    Given operation "SearchSecurityFindings" enabled
-    And new "SearchSecurityFindings" request
+    Given new "SearchSecurityFindings" request
     And body with value {"data": {"attributes": {"filter": "@severity:(critical OR high)"}}}
     When the request is sent
     Then the response status is 200 OK
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform @with-pagination
   Scenario: Search security findings returns "OK" response with pagination
-    Given operation "SearchSecurityFindings" enabled
-    And new "SearchSecurityFindings" request
+    Given new "SearchSecurityFindings" request
     And body with value {"data": {"attributes": {"filter": "@severity:(critical OR high)", "page": {"limit": 1}}}}
     When the request is sent
     Then the response status is 200 OK
diff --git a/services/security_monitoring/src/v2/SecurityMonitoringApi.ts b/services/security_monitoring/src/v2/SecurityMonitoringApi.ts
@@ -3057,16 +3057,6 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory {
   ): Promise<RequestContext> {
     const _config = _options || this.configuration;
 
-    if (
-      !_config.unstableOperations[
-        "SecurityMonitoringApi.v2.listSecurityFindings"
-      ]
-    ) {
-      throw new Error(
-        "Unstable operation 'listSecurityFindings' is disabled. Enable it by setting `configuration.unstableOperations['SecurityMonitoringApi.v2.listSecurityFindings'] = true`",
-      );
-    }
-
     // Path Params
     const localVarPath = "/api/v2/security/findings";
 
@@ -4349,16 +4339,6 @@ export class SecurityMonitoringApiRequestFactory extends BaseAPIRequestFactory {
   ): Promise<RequestContext> {
     const _config = _options || this.configuration;
 
-    if (
-      !_config.unstableOperations[
-        "SecurityMonitoringApi.v2.searchSecurityFindings"
-      ]
-    ) {
-      throw new Error(
-        "Unstable operation 'searchSecurityFindings' is disabled. Enable it by setting `configuration.unstableOperations['SecurityMonitoringApi.v2.searchSecurityFindings'] = true`",
-      );
-    }
-
     // verify required parameter 'body' is not null or undefined
     if (body === null || body === undefined) {
       throw new RequiredError("body", "searchSecurityFindings");
@@ -12062,10 +12042,6 @@ export class SecurityMonitoringApi {
   /**
    * Get a list of security findings that match a search query.
    *
-   * This endpoint requires one of the following permissions:
-   * - `security_monitoring_findings_read`
-   * - `appsec_vm_read`
-   *
    * ### Query Syntax
    *
    * This endpoint uses the logs query syntax. Findings attributes (living in the custom. namespace) are prefixed by @ when queried. Tags are queried without a prefix.
@@ -12632,10 +12608,6 @@ export class SecurityMonitoringApi {
   /**
    * Get a list of security findings that match a search query.
    *
-   * This endpoint requires one of the following permissions:
-   * - `security_monitoring_findings_read`
-   * - `appsec_vm_read`
-   *
    * ### Query Syntax
    *
    * The API uses the logs query syntax. Findings attributes (living in the custom. namespace) are prefixed by @ when queried. Tags are queried without a prefix.
