--- openapi: 3.0.1 info: title: API V1 version: v1 paths: "/v1/accounts/{account_id}/deepscans": get: summary: List all deepscans for an account tags: - Deepscans security: - DryRunSecApiKey: [] parameters: - name: account_id in: path description: Account ID required: true schema: type: string responses: '200': description: deepscans listed content: application/json: schema: type: object properties: data: type: array items: type: object properties: id: type: string format: uuid repository_id: type: string format: uuid repository_name: type: string type: type: string branch: type: string nullable: true commit_sha: type: string nullable: true retry_count: type: integer created_at: type: string format: date-time required: - id - repository_id - repository_name - type - retry_count - created_at required: - data "/v1/accounts": get: summary: List accounts accessible by the API key tags: - Accounts security: - DryRunSecApiKey: [] description: Retrieve all accounts that the authenticated API key has access to, including organization information responses: '200': description: accounts listed content: application/json: schema: type: object properties: data: type: array items: type: object properties: account_id: type: string format: uuid description: Account ID org_id: type: string nullable: true description: Organization ID org_name: type: string nullable: true description: Organization name provider_type: type: string nullable: true description: Provider type (e.g., 'github', 'gitlab') active: type: boolean description: Whether the account is active created_at: type: string format: date-time nullable: true required: - account_id - active required: - data "/v1/accounts/{account_id}/all_findings": get: summary: List all findings (PR and deepscan) for an account tags: - Triage security: - DryRunSecApiKey: [] parameters: - name: account_id in: path description: Account ID required: true schema: type: string - name: finding_type in: query required: false schema: type: string enum: - deepscan - pullrequest - sca - code_policy - all description: Filter by finding type. Defaults to 'all' - name: severity in: query required: false description: 'Filter by severity (comma-separated: critical,high,medium,low)' schema: type: string - name: repository_id in: query required: false description: Filter by repository ID schema: type: string - name: branch in: query required: false description: Search for SCA and DeepScan findings by branch name. When not specified, returns findings from the default branch (NULL branch context). Does not affect PR or Code Policy findings. schema: type: string - name: all_results in: query required: false description: When true, returns all findings including historical scans. When false (default), returns only findings from the latest scan for each repository/branch. schema: type: boolean - name: page in: query required: false description: 'Page number (default: 1)' schema: type: integer - name: per_page in: query required: false description: 'Results per page (default: 50, max: 100)' schema: type: integer - name: days in: query required: true description: Filter to findings from the last N days (1-365). Required to prevent unbounded queries. schema: type: integer description: Retrieve all findings across PR scans, deepscans, SCA, and code policies for an account. By default, only returns findings from the latest scan (from_latest_scan=true). For SCA and DeepScan findings, defaults to the default branch unless a branch parameter is specified. Each finding includes an id that can be used with the triage endpoints. Results are sorted by created_at descending (newest first). responses: '200': description: findings listed content: application/json: schema: type: object properties: data: type: array items: type: object properties: id: type: string format: uuid description: Finding ID - use this with the triage endpoints finding_type: type: string enum: - deepscan - pullrequest - sca - code_policy description: Source of the finding dashboard_url: type: string format: uri description: URL to view this finding in the DryRun Security dashboard severity: type: string description: Finding severity (critical, high, medium, low) type: type: string description: Finding type/title description: type: string nullable: true filename: type: string nullable: true line_start: type: integer nullable: true line_end: type: integer nullable: true repository_name: type: string nullable: true pr_number: type: integer nullable: true description: PR number (for pullrequest findings only) created_at: type: string format: date-time nullable: true triage: type: object nullable: true description: Triage status if set, null if not triaged properties: category: type: string description: Triage category (false_positive, wont_fix, accepted_risk, in_progress) category_name: type: string description: Human-readable category name required: - id - finding_type - dashboard_url - severity - type pagination: type: object properties: total: type: integer description: Total number of findings page: type: integer description: Current page number per_page: type: integer description: Results per page total_pages: type: integer description: Total number of pages required: - total - page - per_page - total_pages required: - data - pagination "/v1/accounts/{account_id}/analyzers": parameters: - name: account_id in: path description: Account ID required: true schema: type: string get: summary: List available analyzers tags: - Analyzers security: - DryRunSecApiKey: [] description: Retrieve all enabled and visible analyzers. Use the 'slug' field as the key in configuration analyzers object. responses: '200': description: analyzers listed content: application/json: schema: type: object properties: data: type: array items: type: object properties: id: type: string format: uuid description: Analyzer ID name: type: string description: Internal analyzer name slug: type: string description: Analyzer slug - use this as the key in configuration analyzers object display_name: type: string nullable: true description: Human-readable display name description: type: string nullable: true description: Analyzer description enabled: type: boolean description: Whether the analyzer is enabled configuration: type: object nullable: true description: Default analyzer configuration required: - id - name - slug - enabled required: - data "/v1/accounts/{account_id}/configurations": parameters: - name: account_id in: path description: Account ID required: true schema: type: string get: summary: List configurations for an account tags: - Configurations security: - DryRunSecApiKey: [] responses: '200': description: configurations listed content: application/json: schema: type: object properties: data: type: array items: type: object properties: id: type: string format: uuid name: type: string nullable: true configuration: type: object nullable: true created_at: type: string format: date-time nullable: true required: - id required: - data post: summary: Create a new configuration tags: - Configurations security: - DryRunSecApiKey: [] parameters: [] responses: '201': description: configuration created content: application/json: schema: type: object properties: data: type: object properties: id: type: string format: uuid name: type: string configuration: type: object nullable: true created_at: type: string format: date-time requestBody: content: application/json: schema: type: object properties: configuration: type: object properties: name: type: string description: Configuration name configuration: type: object description: Configuration settings properties: comment: type: string enum: - disabled - silent - enabled show_scan_confirmation: type: boolean risk_threshold: type: integer analyzers: type: object description: Analyzer configurations keyed by analyzer slug (use /analyzers endpoint to get valid slugs) additionalProperties: type: object properties: enabled: type: boolean silent: type: boolean blocking: type: boolean risk_level: type: string enum: - info - low - medium - high - critical - fail - risky excludes: type: array items: type: string description: File patterns to exclude includes: type: array items: type: string description: File patterns to include code_policies: type: array description: Custom code policies (use /custom_policies endpoint to get valid IDs) items: type: object properties: id: type: string format: uuid description: Custom code policy ID enabled: type: boolean silent: type: boolean blocking: type: boolean required: - id notifications: type: object properties: enabled: type: boolean deduplicate: type: boolean integrationNames: type: array items: type: string required: - name repositories: type: array items: type: string format: uuid description: 'Optional: Repository IDs to assign this configuration to (use /repositories endpoint to get valid IDs)' required: - configuration "/v1/accounts/{account_id}/configurations/{id}": parameters: - name: account_id in: path description: Account ID required: true schema: type: string - name: id in: path description: Configuration ID required: true schema: type: string get: summary: Get a single configuration tags: - Configurations security: - DryRunSecApiKey: [] responses: '200': description: configuration found content: application/json: schema: type: object properties: data: type: object properties: id: type: string format: uuid name: type: string nullable: true configuration: type: object nullable: true created_at: type: string format: date-time nullable: true patch: summary: Update a configuration tags: - Configurations security: - DryRunSecApiKey: [] parameters: [] responses: '200': description: configuration updated content: application/json: schema: type: object properties: data: type: object properties: id: type: string format: uuid name: type: string nullable: true configuration: type: object nullable: true created_at: type: string format: date-time nullable: true requestBody: content: application/json: schema: type: object properties: configuration: type: object properties: name: type: string description: Configuration name configuration: type: object description: Configuration settings properties: comment: type: string enum: - disabled - silent - enabled show_scan_confirmation: type: boolean risk_threshold: type: integer analyzers: type: object description: Analyzer configurations keyed by analyzer slug additionalProperties: type: object properties: enabled: type: boolean silent: type: boolean blocking: type: boolean risk_level: type: string enum: - info - low - medium - high - critical - fail - risky excludes: type: array items: type: string includes: type: array items: type: string code_policies: type: array description: Custom code policies items: type: object properties: id: type: string format: uuid enabled: type: boolean silent: type: boolean blocking: type: boolean required: - id notifications: type: object properties: enabled: type: boolean deduplicate: type: boolean integrationNames: type: array items: type: string repositories: type: array items: type: string format: uuid description: 'Optional: Repository IDs to assign this configuration to' required: - configuration put: summary: Update a configuration tags: - Configurations security: - DryRunSecApiKey: [] parameters: [] responses: '200': description: configuration updated content: application/json: schema: type: object properties: data: type: object properties: id: type: string format: uuid name: type: string nullable: true configuration: type: object nullable: true created_at: type: string format: date-time nullable: true requestBody: content: application/json: schema: type: object properties: configuration: type: object properties: name: type: string description: Configuration name configuration: type: object description: Configuration settings properties: comment: type: string enum: - disabled - silent - enabled show_scan_confirmation: type: boolean risk_threshold: type: integer analyzers: type: object description: Analyzer configurations keyed by analyzer slug additionalProperties: type: object properties: enabled: type: boolean silent: type: boolean blocking: type: boolean risk_level: type: string enum: - info - low - medium - high - critical - fail - risky excludes: type: array items: type: string includes: type: array items: type: string code_policies: type: array description: Custom code policies items: type: object properties: id: type: string format: uuid enabled: type: boolean silent: type: boolean blocking: type: boolean required: - id notifications: type: object properties: enabled: type: boolean deduplicate: type: boolean integrationNames: type: array items: type: string repositories: type: array items: type: string format: uuid description: 'Optional: Repository IDs to assign this configuration to' required: - configuration delete: summary: Delete a configuration tags: - Configurations security: - DryRunSecApiKey: [] responses: '204': description: configuration deleted "/v1/accounts/{account_id}/configurations/bulk_update": parameters: - name: account_id in: path description: Account ID required: true schema: type: string post: summary: Bulk update multiple configurations tags: - Configurations security: - DryRunSecApiKey: [] parameters: [] responses: '200': description: configurations updated content: application/json: schema: type: object properties: updated_count: type: integer total_count: type: integer errors: type: array items: type: object requestBody: content: application/json: schema: type: object properties: configuration_ids: type: array items: type: string format: uuid description: Array of configuration IDs to update updates: type: object description: Configuration updates to apply to all specified configurations properties: comment: type: string enum: - disabled - silent - enabled show_scan_confirmation: type: boolean risk_threshold: type: integer analyzers: type: object description: Analyzer configurations keyed by analyzer slug additionalProperties: type: object properties: enabled: type: boolean silent: type: boolean blocking: type: boolean risk_level: type: string enum: - info - low - medium - high - critical - fail - risky excludes: type: array items: type: string includes: type: array items: type: string code_policies: type: array description: Custom code policies to apply items: type: object properties: id: type: string format: uuid description: Custom code policy ID enabled: type: boolean silent: type: boolean blocking: type: boolean required: - id notifications: type: object properties: enabled: type: boolean deduplicate: type: boolean integrationNames: type: array items: type: string required: - configuration_ids - updates "/v1/accounts/{account_id}/configurations/assign_repositories": parameters: - name: account_id in: path description: Account ID required: true schema: type: string post: summary: Assign a configuration to multiple repositories tags: - Configurations security: - DryRunSecApiKey: [] parameters: [] responses: '200': description: repositories assigned content: application/json: schema: type: object properties: configuration_id: type: string format: uuid configuration_name: type: string assigned_count: type: integer total_matched: type: integer errors: type: array items: type: object requestBody: content: application/json: schema: type: object properties: configuration_id: type: string format: uuid repository_ids: type: array items: type: string format: uuid description: Assign by repository IDs repository_names: type: array items: type: string description: Assign by exact repository names repository_pattern: type: string description: Assign by name pattern (SQL LIKE) required: - configuration_id "/v1/accounts/{account_id}/custom_policies": parameters: - name: account_id in: path description: Account ID required: true schema: type: string get: summary: List custom code policies for an account tags: - Custom Policies security: - DryRunSecApiKey: [] description: Retrieve all custom code policies (NLCPs) for an account. These policies can be referenced in configurations using their ID. responses: '200': description: custom policies listed content: application/json: schema: type: object properties: data: type: array items: type: object properties: id: type: string format: uuid description: Policy ID - use this in configuration code_policies array dashboard_url: type: string format: uri description: URL to view this policy in the DryRun Security dashboard title: type: string description: Policy title background: type: string nullable: true description: Background context for the policy guidance: type: string nullable: true description: Implementation guidance question: type: string description: The policy question to evaluate created_at: type: string format: date-time nullable: true updated_at: type: string format: date-time nullable: true required: - id - dashboard_url - title - question required: - data "/v1/accounts/{account_id}/repositories/{repository_id}/deepscans/{deepscan_id}/results": get: summary: List findings for a deepscan tags: - Deepscan Results security: - DryRunSecApiKey: [] parameters: - name: account_id in: path description: Account ID required: true schema: type: string - name: repository_id in: path description: Repository ID required: true schema: type: string - name: deepscan_id in: path description: Deepscan ID required: true schema: type: string - name: severity in: query required: false description: 'Filter by severity (comma-separated). Valid values: critical, high, medium, low' schema: type: string responses: '200': description: findings listed content: application/json: schema: type: object properties: dashboard_url: type: string format: uri description: URL to view this deepscan in the DryRun Security dashboard data: type: array items: type: object properties: id: type: string format: uuid dashboard_url: type: string format: uri description: URL to view this finding in the DryRun Security risk register title: type: string description: type: string severity: type: string technical_details: type: string impact: type: string remediation: type: string locations: type: array nullable: true items: type: object created_at: type: string format: date-time nullable: true required: - id - dashboard_url - title - description - severity required: - dashboard_url - data "/v1/accounts/{account_id}/repositories/{repository_id}/deepscans": get: summary: List deepscans for a repository tags: - Deepscans security: - DryRunSecApiKey: [] parameters: - name: account_id in: path description: Account ID required: true schema: type: string - name: repository_id in: path description: Repository ID required: true schema: type: string responses: '200': description: deepscans listed content: application/json: schema: type: object properties: data: type: array items: type: object properties: id: type: string format: uuid repository_id: type: string format: uuid type: type: string branch: type: string nullable: true commit_sha: type: string nullable: true retry_count: type: integer created_at: type: string format: date-time required: - id - repository_id - type - retry_count - created_at required: - data "/v1/accounts/{account_id}/repositories/{repository_id}/findings": get: summary: List pull-request findings for a repository tags: - Findings security: - DryRunSecApiKey: [] parameters: - name: account_id in: path description: Account ID required: true schema: type: string - name: repository_id in: path description: Repository ID required: true schema: type: string description: Retrieve all findings for a repository. Each finding includes a dashboard_url to view it in the DryRun Security risk register. responses: '200': description: findings listed content: application/json: schema: type: object properties: data: type: array items: type: object properties: id: type: string format: uuid dashboard_url: type: string format: uri description: URL to view this finding in the DryRun Security risk register severity: type: string type: type: string description: type: string filename: type: string line_start: type: integer nullable: true line_end: type: integer nullable: true created_at: type: string format: date-time nullable: true required: - id - dashboard_url - severity - type - description - filename required: - data "/v1/accounts/{account_id}/insights": parameters: - name: account_id in: path description: Account ID required: true schema: type: string get: summary: Get insights for an account tags: - Insights security: - DryRunSecApiKey: [] description: Retrieve the daily insights digest for an account. Insights are generated daily and highlight important security-related changes from analyzed pull requests that deserve attention. Returns the latest insights by default, or insights for a specific date if provided. parameters: - name: date in: query required: false description: Filter by date (YYYY-MM-DD format). If omitted, returns the latest available insights. schema: type: string responses: '200': description: insights retrieved content: application/json: schema: type: object properties: data: type: object properties: date: type: string nullable: true description: Date of the insights (YYYY/MM/DD format) insights: type: array items: type: object properties: title: type: string description: Title of the insight category description: type: string nullable: true description: Description of what this insight covers answer: type: string nullable: true description: Summary of findings for this category pull_requests: type: array description: Pull requests relevant to this insight items: type: object properties: number: type: integer nullable: true description: PR number repository: type: string nullable: true description: Repository name owner: type: string nullable: true description: Repository owner/organization url: type: string nullable: true description: URL to the pull request required: - date - insights required: - data "/v1/accounts/{account_id}/repositories": parameters: - name: account_id in: path description: Account ID required: true schema: type: string get: summary: List repositories for an account tags: - Repositories security: - DryRunSecApiKey: [] description: Retrieve all repositories for an account. Use the 'id' field when assigning configurations to repositories. responses: '200': description: repositories listed content: application/json: schema: type: object properties: data: type: array items: type: object properties: id: type: string format: uuid description: Repository ID - use this when assigning configurations name: type: string nullable: true description: Repository name provider_repo_id: type: integer format: int64 description: External provider repository ID (e.g., GitHub repo ID) configuration_id: type: string format: uuid nullable: true description: Currently assigned configuration ID enabled: type: boolean description: Whether the repository is enabled for scanning created_at: type: string format: date-time nullable: true required: - id - provider_repo_id - enabled required: - data "/v1/accounts/{account_id}/repositories/{repository_id}/deepscans/{deepscan_id}/sca_results": get: summary: List SCA findings for a deepscan tags: - SCA Results security: - DryRunSecApiKey: [] parameters: - name: account_id in: path description: Account ID required: true schema: type: string - name: repository_id in: path description: Repository ID required: true schema: type: string - name: deepscan_id in: path description: Deepscan ID required: true schema: type: string - name: severity in: query required: false description: 'Filter by severity (comma-separated). Valid values: critical, high, medium, low' schema: type: string responses: '200': description: SCA findings listed content: application/json: schema: type: object properties: dashboard_url: type: string format: uri description: URL to view this deepscan in the DryRun Security dashboard data: type: array items: type: object properties: id: type: string format: uuid dashboard_url: type: string format: uri description: URL to view this finding in the DryRun Security risk register title: type: string description: type: string nullable: true severity: type: string package_name: type: string package_version: type: string package_ecosystem: type: string cve_id: type: string nullable: true cvss_score: type: number nullable: true cvss_vector: type: string nullable: true fixed_version: type: string nullable: true remediation: type: string nullable: true locations: type: array nullable: true items: type: object references: type: array nullable: true items: type: object created_at: type: string format: date-time nullable: true required: - id - dashboard_url - title - severity - package_name - package_version - package_ecosystem required: - dashboard_url - data '404': description: deepscan not found content: application/json: schema: type: object properties: error: type: string "/v1/accounts/{account_id}/repositories/{repository_id}/scans": parameters: - name: account_id in: path description: Account ID required: true schema: type: string - name: repository_id in: path description: Repository ID required: true schema: type: string get: summary: List PR scans for a repository tags: - Scans security: - DryRunSecApiKey: [] description: Retrieve all PR scan results for a repository with optional filtering parameters: - name: date_from in: query required: false description: Filter scans from this date (ISO 8601 format) schema: type: string - name: date_to in: query required: false description: Filter scans to this date (ISO 8601 format) schema: type: string - name: initiated_by in: query required: false description: Filter by user ID who initiated the scan schema: type: string - name: result in: query required: false description: 'Filter by risk level (comma-separated: failing, risky, info)' schema: type: string - name: severity in: query required: false description: 'Filter by severity (comma-separated: critical, high, medium, low)' schema: type: string responses: '200': description: scans listed content: application/json: schema: type: object properties: data: type: array items: type: object properties: scan_id: type: string format: uuid description: Scan/Run ID dashboard_url: type: string format: uri description: URL to view this scan in the DryRun Security dashboard pr_number: type: integer description: Pull request number pr_title: type: string nullable: true description: Pull request title pr_status: type: string nullable: true description: Pull request status scan_date: type: string format: date-time nullable: true description: When the scan was performed initiated_by: type: string format: uuid nullable: true description: User ID who initiated the scan status: type: string nullable: true description: Scan status summary: type: string nullable: true description: Developer-facing scan summary/comment vulnerability_summary: type: string nullable: true description: AppSec-facing vulnerability summary risk_threshold: type: string nullable: true description: Risk threshold identifier (fail, risk, info) required: - scan_id - dashboard_url - pr_number required: - data "/v1/accounts/{account_id}/repositories/{repository_id}/scans/{id}": parameters: - name: account_id in: path description: Account ID required: true schema: type: string - name: repository_id in: path description: Repository ID required: true schema: type: string - name: id in: path description: Scan ID required: true schema: type: string get: summary: Get detailed PR scan results tags: - Scans security: - DryRunSecApiKey: [] description: Retrieve detailed scan results including findings/vulnerabilities for a specific PR scan parameters: - name: findings_result in: query required: false description: 'Filter findings by severity (comma-separated: failing, risky, info)' schema: type: string responses: '200': description: scan found content: application/json: schema: type: object properties: scan_id: type: string format: uuid description: Scan/Run ID dashboard_url: type: string format: uri description: URL to view this scan in the DryRun Security dashboard pr_number: type: integer description: Pull request number pr_title: type: string nullable: true description: Pull request title pr_status: type: string nullable: true description: Pull request status scan_date: type: string format: date-time nullable: true description: When the scan was performed initiated_by: type: string format: uuid nullable: true description: User ID who initiated the scan status: type: string nullable: true description: Scan status summary: type: string nullable: true description: Developer-facing scan summary/comment vulnerability_summary: type: string nullable: true description: AppSec-facing vulnerability summary risk_threshold: type: string nullable: true description: Risk threshold identifier (fail, risk, info) findings: type: array description: List of findings/vulnerabilities from the scan items: type: object properties: id: type: string format: uuid dashboard_url: type: string format: uri description: URL to view this finding in the DryRun Security risk register type: type: string nullable: true severity: type: string nullable: true confidence: type: string nullable: true description: type: string nullable: true filename: type: string nullable: true line_start: type: integer nullable: true line_end: type: integer nullable: true meta: type: object nullable: true required: - id - dashboard_url findings_count: type: integer description: Total number of findings required: - scan_id - dashboard_url - pr_number - findings - findings_count "/v1/accounts/{account_id}/findings/{finding_id}/triage": post: summary: Set triage category for a finding tags: - Triage security: - DryRunSecApiKey: [] parameters: - name: account_id in: path description: Account ID required: true schema: type: string - name: finding_id in: path description: Finding ID (UUID) required: true schema: type: string description: |- Set or update the triage category for a finding. Supports both deepscan and pull request findings. Valid categories: false_positive, wont_fix, accepted_risk, in_progress. Valid finding types: deepscan, pullrequest. responses: '200': description: triage set successfully content: application/json: schema: type: object properties: data: type: object properties: id: type: string format: uuid finding_id: type: string format: uuid finding_type: type: string category: type: string category_name: type: string notes: type: string nullable: true created_by: type: string nullable: true created_at: type: string format: date-time nullable: true requestBody: content: application/json: schema: type: object properties: finding_type: type: string enum: - deepscan - pullrequest example: deepscan description: 'Type of finding. Valid values: deepscan, pullrequest' category: type: string enum: - false_positive - wont_fix - accepted_risk - in_progress example: wont_fix description: 'Triage category. Valid values: false_positive, wont_fix, accepted_risk, in_progress' notes: type: string example: Reason for triage decision description: Optional notes explaining the triage decision nullable: true required: - finding_type - category get: summary: Get triage status for a finding tags: - Triage security: - DryRunSecApiKey: [] parameters: - name: account_id in: path description: Account ID required: true schema: type: string - name: finding_id in: path description: Finding ID (UUID) required: true schema: type: string - name: finding_type in: query required: true schema: type: string enum: - deepscan - pullrequest description: Type of finding description: Get the current triage status for a finding. responses: '200': description: no triage found (returns null data) content: application/json: schema: type: object properties: data: type: object nullable: true properties: id: type: string format: uuid finding_id: type: string format: uuid finding_type: type: string category: type: string category_name: type: string notes: type: string nullable: true created_by: type: string nullable: true created_at: type: string format: date-time nullable: true delete: summary: Remove triage category from a finding tags: - Triage security: - DryRunSecApiKey: [] parameters: - name: account_id in: path description: Account ID required: true schema: type: string - name: finding_id in: path description: Finding ID (UUID) required: true schema: type: string - name: finding_type in: query required: true schema: type: string enum: - deepscan - pullrequest description: Type of finding description: Remove the triage category from a finding. responses: '204': description: triage removed successfully tags: - name: Accounts description: Account management - name: Analyzers description: Available security analyzers - name: Configurations description: Security configuration management - name: Custom Policies description: Custom code policies (NLCPs) - name: Deepscan Results description: Deep scan finding results - name: Deepscans description: Deep scan operations - name: Findings description: Pull request findings - name: Insights description: Daily security insights digests - name: Repositories description: Repository management - name: Scans description: PR scan results - name: Triage description: Finding triage management servers: - url: https://simple-api.dryrun.security description: Production components: securitySchemes: DryRunSecApiKey: type: http scheme: bearer bearerFormat: JWT description: DryRun Security API Key security: - DryRunSecApiKey: []