🪐
Cantina Docs
  • 🪐Welcome to Cantina
  • 🤝Services
    • Security Reviews
    • Competitions
    • Bug Bounty
    • Guilds
    • Public Goods
  • 💵Referral program
  • 📄Public Reports
  • 👑Reputation
  • 👥Cantina Account
    • 🔷Claim an Account
    • 🔷Company Account
      • 🔹Create a Company Account
      • 🔹Managing users
      • 🔹Company Dashboard
      • 🔹Company Reviews
    • 🔷Security Researcher Account
      • 🔹Create Security Researcher Account
      • 🔹Security Researcher Dashboard
      • 🔹Calendar
      • 🔹Reviews
      • 🔹KYC and Payments
  • 💻Cantina Code
    • 🕵️Cantina Code for Security Researchers
      • 🔶Code Review
        • 🔸Download content and toggle sidebar
        • 🔸Highlighting code
      • 🔶Findings
        • 🔸Findings Submission
        • 🔸Findings Labels
        • 🔸Findings Status
        • 🔸Add code to existing finding
        • 🔸Examples
      • 🔶Chat
      • 🔶Reports
      • 🔶Comments & Pings
      • 🔶Diagrams & Formulas
    • 🏢Cantina Code for Companies
      • 🗄️Responding to Pings
      • 🗄️Responding to Findings
      • 🗄️Report Generation
      • 🧩Cantina + Zapier Integration
        • Zapier api reference
  • 🏆Cantina Competitions
    • 🕵️For Security Researchers
      • 🔶Payments
      • 🔶Teams
      • 🔶Finding Status
      • 🔶Finding Labels
    • 🏢For Companies
      • 🗄️Competition Submission Template
    • 🧑‍⚖️Judging Process
      • 📜Finding Severity Criteria
      • 📜Scoring
      • 📜Judging Phase
      • 📜Escalation Process
    • 🤝 Fellowship Steward Model
  • 💰 Cantina Bounties
    • 🕵️For Security Researchers
      • 🔶Bug Bounty Finding status
    • Bounty Severity Classification
    • Mediation Process for Bounties
  • ✅ Cantina Bug Bounty Coverage
    • Cantina Coverage Details
  • ❓FAQ
    • ❔FAQ Competitions
    • ❔FAQ Security Reviews
  • 🔗Links
Powered by GitBook
On this page
  1. 💻Cantina Code
  2. 🏢Cantina Code for Companies
  3. 🧩Cantina + Zapier Integration

Zapier api reference

PreviousCantina + Zapier IntegrationNextCantina Competitions

Last updated 24 days ago

CtrlK
  • POSTEndpoint to create a Zapier subscription.
  • GETEndpoint to retrieve a Zapier subscription.
  • GETEndpoint to return sample data for the Zap editor, helping users test triggers and map fields before activating their Zap.
  • DELETEDeletes a Zapier subscription.

Endpoint to create a Zapier subscription.

post

This is how a Zap (An automated Zapier workflow that connects Cantina to other apps that have Zapier integrations) makes a subscription request to Cantina to be notified (via webhook) of events.

The payload contains a target_url which is the URL used as the webhook.

See https://docs.zapier.com/platform/build/hook-trigger#subscribe

Access control rules

  • The requester is authenticated.

  • The requester must be an admin for the given repository.

Body
all ofOptional
one ofOptional
or
and
Responses
201

Creation successful

application/json
400

Bad request

application/json
401

Access not authorised

application/json
403

Access forbidden

application/json
500

Internal server error

application/json
post
POST /api/v0/zapier/subscriptions HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 99

{
  "repositoryId": "123e4567-e89b-12d3-a456-426614174000",
  "kind": "finding_created",
  "targetUrl": "text"
}
{
  "id": "123e4567-e89b-12d3-a456-426614174000"
}

Endpoint to retrieve a Zapier subscription.

get

Access control rules

  • The requester is authenticated.

  • Non admin can retrieve only their subscription.

  • Admin can retrieve any subscription.

Path parameters
idstring · uuidRequired
Responses
200

A Zapier subscription

application/json
Responseall of
one ofOptional
or
and
400

Bad request

application/json
401

Access not authorised

application/json
403

Access forbidden

application/json
500

Internal server error

application/json
get
GET /api/v0/zapier/subscriptions/{id} HTTP/1.1
Host: 
Accept: */*
{
  "repositoryId": "123e4567-e89b-12d3-a456-426614174000",
  "kind": "finding_created",
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "userId": "123e4567-e89b-12d3-a456-426614174000",
  "targetUrl": "text"
}

Endpoint to return sample data for the Zap editor, helping users test triggers and map fields before activating their Zap.

get

See https://docs.zapier.com/platform/build/hook-trigger#perform-list

Access control rules

  • The requester is authenticated.

Path parameters
event_kindstring · enumRequired

Kind of event

Possible values:
Responses
200

List of zapier sample events

application/json
400

Bad request

application/json
401

Access not authorised

application/json
403

Access forbidden

application/json
500

Internal server error

application/json
get
GET /api/v0/zapier/subscriptions/events/{event_kind}/sample HTTP/1.1
Host: 
Accept: */*
[
  {
    "repositoryId": "123e4567-e89b-12d3-a456-426614174000",
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "number": 1,
    "title": "text",
    "severity": "critical",
    "likelihood": null,
    "impact": null,
    "assetGroup": null,
    "assets": [
      "123e4567-e89b-12d3-a456-426614174000"
    ],
    "createdAt": "2025-08-25T12:16:54.932Z",
    "kind": "finding_created"
  }
]

Deletes a Zapier subscription.

delete

Access control rules

  • The requester is authenticated.

  • Non admin, can only delete thier own subscriptions.

  • Admin can delete any subscription.

Path parameters
idstring · uuidRequired
Responses
204

Zapier subscription successfully deleted

400

Bad request

application/json
401

Access not authorised

application/json
403

Access forbidden

application/json
404

Subscription not found

application/json
500

Error deleting subscription

application/json
delete
DELETE /api/v0/zapier/subscriptions/{id} HTTP/1.1
Host: 
Accept: */*

No content