Zapier api reference
Last updated
Last updated
This is how a Zap (An automated Zapier workflow that connects Cantina to other apps that have Zapier integrations) makes a subscription request to Cantina to be notified (via webhook) of events.
The payload contains a target_url
which is the URL used as the webhook.
See https://docs.zapier.com/platform/build/hook-trigger#subscribe
The requester is authenticated.
The requester must be an admin for the given repository.
Creation successful
Bad request
Access not authorised
Access forbidden
Internal server error
POST /api/v0/zapier/subscriptions HTTP/1.1
Host:
Content-Type: application/json
Accept: */*
Content-Length: 99
{
"repositoryId": "123e4567-e89b-12d3-a456-426614174000",
"kind": "finding_created",
"targetUrl": "text"
}
{
"id": "123e4567-e89b-12d3-a456-426614174000"
}
A Zapier subscription
Bad request
Access not authorised
Access forbidden
Internal server error
GET /api/v0/zapier/subscriptions/{id} HTTP/1.1
Host:
Accept: */*
{
"repositoryId": "123e4567-e89b-12d3-a456-426614174000",
"kind": "finding_created",
"id": "123e4567-e89b-12d3-a456-426614174000",
"userId": "123e4567-e89b-12d3-a456-426614174000",
"targetUrl": "text"
}
Kind of event
List of zapier sample events
Bad request
Access not authorised
Access forbidden
Internal server error
GET /api/v0/zapier/subscriptions/events/{event_kind}/sample HTTP/1.1
Host:
Accept: */*
[
{
"repositoryId": "123e4567-e89b-12d3-a456-426614174000",
"id": "123e4567-e89b-12d3-a456-426614174000",
"number": 1,
"title": "text",
"severity": "critical",
"likelihood": null,
"impact": null,
"assetGroup": null,
"assets": [
"123e4567-e89b-12d3-a456-426614174000"
],
"createdAt": "2025-08-25T12:16:54.932Z",
"kind": "finding_created"
}
]
Zapier subscription successfully deleted
Bad request
Access not authorised
Access forbidden
Subscription not found
Error deleting subscription
DELETE /api/v0/zapier/subscriptions/{id} HTTP/1.1
Host:
Accept: */*
No content