Update Security Findings Public API docs (#3070)

api-clients-generation-pipeline[bot] · ci.datadog-api-spec · web-flow · commit 4ba4dec663bc · 2026-01-09T21:34:56.000Z
Co-authored-by: ci.datadog-api-spec &lt;packages@datadoghq.com&gt;
diff --git a/.generator/schemas/v2/openapi.yaml b/.generator/schemas/v2/openapi.yaml
@@ -82195,13 +82195,6 @@ paths:
       description: 'Get a list of security findings that match a search query.
 
 
-        This endpoint requires one of the following permissions:
-
-        - `security_monitoring_findings_read`
-
-        - `appsec_vm_read`
-
-
         ### Query Syntax
 
 
@@ -82264,8 +82257,6 @@ paths:
         appKeyAuth: []
       - AuthZ:
         - security_monitoring_findings_read
-      - AuthZ:
-        - appsec_vm_read
       summary: List security findings
       tags:
       - Security Monitoring
@@ -82279,9 +82270,6 @@ paths:
         permissions:
         - security_monitoring_findings_read
         - appsec_vm_read
-      x-unstable: '**Note**: This endpoint is in beta and subject to change.
-
-        If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
   /api/v2/security/findings/cases:
     delete:
       description: 'Detach security findings from their case.
@@ -82506,13 +82494,6 @@ paths:
       description: 'Get a list of security findings that match a search query.
 
 
-        This endpoint requires one of the following permissions:
-
-        - `security_monitoring_findings_read`
-
-        - `appsec_vm_read`
-
-
         ### Query Syntax
 
 
@@ -82546,8 +82527,6 @@ paths:
         appKeyAuth: []
       - AuthZ:
         - security_monitoring_findings_read
-      - AuthZ:
-        - appsec_vm_read
       summary: Search security findings
       tags:
       - Security Monitoring
@@ -82562,9 +82541,6 @@ paths:
         permissions:
         - security_monitoring_findings_read
         - appsec_vm_read
-      x-unstable: '**Note**: This endpoint is in beta and subject to change.
-
-        If you have any feedback, contact [Datadog support](https://docs.datadoghq.com/help/).'
   /api/v2/security/sboms:
     get:
       description: 'Get a list of assets SBOMs for an organization.
diff --git a/examples/v2/security-monitoring/ListSecurityFindings.py b/examples/v2/security-monitoring/ListSecurityFindings.py
@@ -6,7 +6,6 @@
 from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
 
 configuration = Configuration()
-configuration.unstable_operations["list_security_findings"] = True
 with ApiClient(configuration) as api_client:
     api_instance = SecurityMonitoringApi(api_client)
     response = api_instance.list_security_findings()
diff --git a/examples/v2/security-monitoring/ListSecurityFindings_2925663885.py b/examples/v2/security-monitoring/ListSecurityFindings_2925663885.py
@@ -6,7 +6,6 @@
 from datadog_api_client.v2.api.security_monitoring_api import SecurityMonitoringApi
 
 configuration = Configuration()
-configuration.unstable_operations["list_security_findings"] = True
 with ApiClient(configuration) as api_client:
     api_instance = SecurityMonitoringApi(api_client)
     response = api_instance.list_security_findings(
diff --git a/examples/v2/security-monitoring/SearchSecurityFindings.py b/examples/v2/security-monitoring/SearchSecurityFindings.py
@@ -19,7 +19,6 @@
 )
 
 configuration = Configuration()
-configuration.unstable_operations["search_security_findings"] = True
 with ApiClient(configuration) as api_client:
     api_instance = SecurityMonitoringApi(api_client)
     response = api_instance.search_security_findings(body=body)
diff --git a/examples/v2/security-monitoring/SearchSecurityFindings_3678541639.py b/examples/v2/security-monitoring/SearchSecurityFindings_3678541639.py
@@ -23,7 +23,6 @@
 )
 
 configuration = Configuration()
-configuration.unstable_operations["search_security_findings"] = True
 with ApiClient(configuration) as api_client:
     api_instance = SecurityMonitoringApi(api_client)
     response = api_instance.search_security_findings(body=body)
diff --git a/src/datadog_api_client/configuration.py b/src/datadog_api_client/configuration.py
@@ -282,14 +282,12 @@ def __init__(
                 "v2.list_findings": False,
                 "v2.list_multiple_rulesets": False,
                 "v2.list_scanned_assets_metadata": False,
-                "v2.list_security_findings": False,
                 "v2.list_security_monitoring_histsignals": False,
                 "v2.list_threat_hunting_jobs": False,
                 "v2.list_vulnerabilities": False,
                 "v2.list_vulnerable_assets": False,
                 "v2.mute_findings": False,
                 "v2.run_threat_hunting_job": False,
-                "v2.search_security_findings": False,
                 "v2.search_security_monitoring_histsignals": False,
                 "v2.create_dataset": False,
                 "v2.delete_dataset": False,
diff --git a/src/datadog_api_client/v2/api/security_monitoring_api.py b/src/datadog_api_client/v2/api/security_monitoring_api.py
@@ -3816,11 +3816,6 @@ def list_security_findings(
 
         Get a list of security findings that match a search query.
 
-        This endpoint requires one of the following permissions:
-
-        * ``security_monitoring_findings_read``
-        * ``appsec_vm_read``
-
         **Query Syntax**
 
         This endpoint uses the logs query syntax. Findings attributes (living in the custom. namespace) are prefixed by @ when queried. Tags are queried without a prefix.
@@ -4724,11 +4719,6 @@ def search_security_findings(
 
         Get a list of security findings that match a search query.
 
-        This endpoint requires one of the following permissions:
-
-        * ``security_monitoring_findings_read``
-        * ``appsec_vm_read``
-
         **Query Syntax**
 
         The API uses the logs query syntax. Findings attributes (living in the custom. namespace) are prefixed by @ when queried. Tags are queried without a prefix.
diff --git a/tests/v2/features/security_monitoring.feature b/tests/v2/features/security_monitoring.feature
@@ -1323,23 +1323,20 @@ Feature: Security Monitoring
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: List security findings returns "Bad Request" response
-    Given operation "ListSecurityFindings" enabled
-    And new "ListSecurityFindings" request
+    Given new "ListSecurityFindings" request
     And request contains "page[cursor]" parameter with value "invalid_cursor"
     When the request is sent
     Then the response status is 400 Bad Request
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: List security findings returns "OK" response
-    Given operation "ListSecurityFindings" enabled
-    And new "ListSecurityFindings" request
+    Given new "ListSecurityFindings" request
     When the request is sent
     Then the response status is 200 OK
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: List security findings returns "OK" response with pagination
-    Given operation "ListSecurityFindings" enabled
-    And new "ListSecurityFindings" request
+    Given new "ListSecurityFindings" request
     And request contains "page[limit]" parameter with value 5
     When the request is sent
     Then the response status is 200 OK
@@ -1602,24 +1599,21 @@ Feature: Security Monitoring
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: Search security findings returns "Bad Request" response
-    Given operation "SearchSecurityFindings" enabled
-    And new "SearchSecurityFindings" request
+    Given new "SearchSecurityFindings" request
     And body with value {"page": {"cursor": "invalid_cursor"}}
     When the request is sent
     Then the response status is 400 Bad Request
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform
   Scenario: Search security findings returns "OK" response
-    Given operation "SearchSecurityFindings" enabled
-    And new "SearchSecurityFindings" request
+    Given new "SearchSecurityFindings" request
     And body with value {"data": {"attributes": {"filter": "@severity:(critical OR high)"}}}
     When the request is sent
     Then the response status is 200 OK
 
   @team:DataDog/cloud-security-posture-management @team:DataDog/k9-findings-platform @with-pagination
   Scenario: Search security findings returns "OK" response with pagination
-    Given operation "SearchSecurityFindings" enabled
-    And new "SearchSecurityFindings" request
+    Given new "SearchSecurityFindings" request
     And body with value {"data": {"attributes": {"filter": "@severity:(critical OR high)", "page": {"limit": 1}}}}
     When the request is sent
     Then the response status is 200 OK

Original file line number	Diff line number	Diff line change
`@@ -19,7 +19,6 @@`
`19`	`19`	`)`
`20`	`20`
`21`	`21`	`configuration = Configuration()`
`22`		`-configuration.unstable_operations["search_security_findings"] = True`
`23`	`22`	`with ApiClient(configuration) as api_client:`
`24`	`23`	`api_instance = SecurityMonitoringApi(api_client)`
`25`	`24`	`response = api_instance.search_security_findings(body=body)`
Original file line number	Diff line number	Diff line change
`@@ -23,7 +23,6 @@`
`23`	`23`	`)`
`24`	`24`
`25`	`25`	`configuration = Configuration()`
`26`		`-configuration.unstable_operations["search_security_findings"] = True`
`27`	`26`	`with ApiClient(configuration) as api_client:`
`28`	`27`	`api_instance = SecurityMonitoringApi(api_client)`
`29`	`28`	`response = api_instance.search_security_findings(body=body)`