Inventory

API inventory overview

Updated: June 19, 2025

apis inventory

The APIs section of the FireTail platform provides an overview of all discovered and custom APIs. Navigate to the APIs by going to Inventory in the FireTail platform and selecting APIs. Here, you can manage and view details of the APIs you have created, as well as those that have been discovered by FireTail. The APIs are organized in a way that allows you to quickly assess their usage, risk score, associated findings, and other critical data.

API list overview

The main APIs page displays a card or list view for each API with key attributes:

Attribute Description
API Name The API’s display name
Source Origin of the API
Creation Date When the API was added
Application Associated app
Findings Number and severity of security findings
Tags Relevant tags added from daily scans (last 90 days activity)

Filters

Use the filter function to filter for specific APIs. You can select to filter by:

  • Application
  • API
  • Cloud Platform
  • Code Repository Platform
  • API Type
  • AWS Account ID
  • Azure Subscription ID
  • Google Cloud Project Number
  • AWS Region
  • Endpoint
  • Azure Resource Type
  • Resource Type
  • Custom Tags
  • Cloud Tag
  • Owner
  • Name
  • Created By

Note on Cloud Tags

Cloud tags are key-value pairs associated with cloud resources (e.g., environment: production, region: us-east-1, etc) that are ingested from supported cloud providers. These tags can be used as filters to help identify and group APIs based on metadata defined in the cloud environment.

Add a filter

  1. Click Add Filter, select the filter type from the dropdown.
  2. Select an option from the is one of dropdown.
  3. Select the appropriate Value.
  4. Click Submit.

Download API Data

Click Download to download a CSV file of the API data. Learn more about how to download.

Sorting APIs

You can sort the API inventory by Risk score, Date created, Updated at and Findings. Click the arrow to toggle between ascending and descending order.

API metadata

Click any API card or title to open the detailed view, containing the following:

  • Risk score
  • Dashboard
  • Requests
  • Tokens
  • Specifications
  • Findings
  • Actions
  • Linked Resources
  • Details

API Risk scoring

FireTail's API Risk Scoring system categorizes APIs based on open findings to determine risk scores. Scores are divided into bands:

  • Critical: 80–100
  • High: 60–79
  • Medium: 40–59
  • Low: Below 40 Higher severity findings impact the score more significantly. The presence of critical findings results in the highest scores, followed by high, medium, and low findings. Learn more about API risk scoring.

Click the API card or title to view more information about that API.

API dashboard

The API dashboard provides an overview of the API:

  • The graph displays the aggregate of API requests grouped by apps. Hover over the graph to get a breakdown of the API requests for that time.
  • The map indicates the API requests grouped by the top 1000 locations.
  • The donut chart in the dashboard displays the total number of API requests. These API requests are grouped by status codes. Hover over the chart to get API request total of a particular status code.
  • The findings overview displays the number of findings that have been discovered. These are broken down by severity. Click View findings to be directed to the Findings page on the platform. Learn more about Findings here.

Requests

View the incoming requests and their details. The requests table can be filtered by time. Select from:

  • Last hour
  • Last day
  • Last month
  • Last 3 months
  • Custom

Select Custom and enter a Start date and an End date to filter by a specific date and time.

The Polling interval indicates how often the page data reloads from the API, in minutes. Select the polling interval from the dropdown.

Tokens

View existing API tokens or create new ones for authentication and integration. Learn how to Create an API token.

Findings

View security findings per API, including descriptions, severities, and remediation advice. Findings.

Specifications

View existing API tokens or create new ones for authentication and integration.iew or create any specifications for that API. Specifications can be used to group information for an API. Creating a specification on the platform enables you to view the inventory data. Learn more about Specifications

Actions

Actions are automated tasks performed on the API, which can be triggered by events or scheduled times. Click the Actions tab to view existing Actions or create new ones. Learn more about Actions.

Linked resources

Linked Resources can be connected to code repositories with APIs either manually or automatically. When done automatically, the system scans the code to find and link relevant resources in the background. For manual setup, you can click Create Link and select the appropriate code repository or API. FireTail identifies the correct cloud API corresponding to the one in the code and creates a linked resource between them

Details

View further details about the API, including:

  • UUID
  • Creation time
  • Status
  • Created by
  • Owners
  • Custom Tags

To modify the API, click 'Edit API'. View more information on making changes to the API.

Need help?

Contact FireTail support

Previous (Dashboard)
Tag reference guide
Next (Inventory - APIs)
Create an API