Socket

Socket Organization Settings API

Configure Socket at the organization level — security policy (which alerts block/warn/ignore), license policy (allowed/denied SPDX identifiers), telemetry collection toggles, Socket Basics SAST/Secrets/Container scanning configuration, and integration event hooks for GitHub/GitLab/Bitbucket apps.

Socket Organization Settings API is one of 15 APIs that Socket publishes on the APIs.io network, described by a machine-readable OpenAPI specification.

This API exposes 5 machine-runnable capabilities that can be deployed as REST, MCP, or Agent Skill surfaces via Naftiko.

Tagged areas include Organization Settings, Security Policy, License Policy, and Telemetry. The published artifact set on APIs.io includes API documentation, an OpenAPI specification, and 5 Naftiko capability specs.

GitHub OpenAPI

Documentation

📖
Documentation
https://docs.socket.dev/reference/getorgsecuritypolicy

Specifications

OpenAPI
https://raw.githubusercontent.com/api-evangelist/socket-dev/refs/heads/main/openapi/socket-org-settings-api-openapi.yml

Other Resources

🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/socket-dev/refs/heads/main/capabilities/org-settings-security-policy.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/socket-dev/refs/heads/main/capabilities/org-settings-license-policy.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/socket-dev/refs/heads/main/capabilities/org-settings-telemetry.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/socket-dev/refs/heads/main/capabilities/org-settings-socket-basics.yaml
🔗
NaftikoCapability
https://raw.githubusercontent.com/api-evangelist/socket-dev/refs/heads/main/capabilities/org-settings-integration-events.yaml

OpenAPI Specification

socket-org-settings-api-openapi.yml Raw ↑ 
openapi: 3.0.0
info:
  description: Socket org settings API endpoints.
  title: Socket Org Settings API
  version: '0'
servers:
- url: https://api.socket.dev/v0
paths:
  /orgs/{org_slug}/settings/integrations/{integration_id}/events:
    get:
      tags:
      - org-settings
      summary: Get integration events
      operationId: getIntegrationEvents
      parameters:
      - name: org_slug
        in: path
        required: true
        description: The slug of the organization
        schema:
          type: string
      - name: integration_id
        in: path
        required: true
        description: The id of the integration
        schema:
          type: string
      security:
      - bearerAuth:
        - integration:list
      - basicAuth:
        - integration:list
      description: 'This endpoint consumes 1 unit of your quota.


        This endpoint requires the following org token scopes:

        - integration:list'
      responses:
        '200':
          content:
            application/json:
              schema:
                type: array
                items:
                  type: object
                  additionalProperties: false
                  description: ''
                  properties:
                    id:
                      type: string
                      description: ''
                      default: ''
                    integration_id:
                      type: string
                      description: ''
                      default: ''
                    type:
                      type: string
                      description: ''
                      default: ''
                    payload:
                      type: object
                      additionalProperties: false
                      description: ''
                      properties: {}
                    status_code:
                      type: integer
                      description: ''
                      default: 0
                    error:
                      type: string
                      description: ''
                      default: ''
                    sent_at:
                      type: string
                      description: ''
                      default: ''
                    retry_info:
                      type: array
                      items:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          status_code:
                            type: integer
                            description: ''
                            default: 0
                          error:
                            type: string
                            description: ''
                            default: ''
                          sent_at:
                            type: string
                            description: ''
                            default: ''
                        required:
                        - error
                        - sent_at
                        - status_code
                      description: ''
                    created_at:
                      type: string
                      description: ''
                      default: ''
                    updated_at:
                      type: string
                      description: ''
                      default: ''
                  required:
                  - created_at
                  - error
                  - id
                  - integration_id
                  - payload
                  - retry_info
                  - sent_at
                  - status_code
                  - type
                  - updated_at
                description: ''
          description: Lists events for the specified integration. The authenticated user must be a member of the organization.
        '400':
          $ref: '#/components/responses/SocketBadRequest'
        '401':
          $ref: '#/components/responses/SocketUnauthorized'
        '403':
          $ref: '#/components/responses/SocketForbidden'
        '404':
          $ref: '#/components/responses/SocketNotFoundResponse'
        '429':
          $ref: '#/components/responses/SocketTooManyRequestsResponse'
      x-readme: {}
  /orgs/{org_slug}/settings/security-policy:
    get:
      tags:
      - security-policy
      summary: Get Organization Security Policy
      operationId: getOrgSecurityPolicy
      parameters:
      - name: org_slug
        in: path
        required: true
        description: The slug of the organization
        schema:
          type: string
      - name: custom_rules_only
        in: query
        required: false
        description: Return only customized security policy rules.
        schema:
          type: boolean
          default: false
      security:
      - bearerAuth:
        - security-policy:read
      - basicAuth:
        - security-policy:read
      description: 'Retrieve the security policy of an organization.


        This endpoint consumes 1 unit of your quota.


        This endpoint requires the following org token scopes:

        - security-policy:read'
      responses:
        '200':
          content:
            application/json:
              schema:
                type: object
                additionalProperties: false
                properties:
                  securityPolicyRules:
                    type: object
                    additionalProperties: false
                    properties:
                      gptSecurity:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for gptSecurity issues.
                        required:
                        - action
                      gptAnomaly:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for gptAnomaly issues.
                        required:
                        - action
                      gptMalware:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for gptMalware issues.
                        required:
                        - action
                      filesystemAccess:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for filesystemAccess issues.
                        required:
                        - action
                      networkAccess:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for networkAccess issues.
                        required:
                        - action
                      shellAccess:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for shellAccess issues.
                        required:
                        - action
                      debugAccess:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for debugAccess issues.
                        required:
                        - action
                      chromePermission:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for chromePermission issues.
                        required:
                        - action
                      chromeHostPermission:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for chromeHostPermission issues.
                        required:
                        - action
                      chromeWildcardHostPermission:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for chromeWildcardHostPermission issues.
                        required:
                        - action
                      chromeContentScript:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for chromeContentScript issues.
                        required:
                        - action
                      criticalCVE:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for criticalCVE issues.
                        required:
                        - action
                      cve:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for cve issues.
                        required:
                        - action
                      mediumCVE:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for mediumCVE issues.
                        required:
                        - action
                      mildCVE:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for mildCVE issues.
                        required:
                        - action
                      emptyPackage:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for emptyPackage issues.
                        required:
                        - action
                      trivialPackage:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for trivialPackage issues.
                        required:
                        - action
                      noREADME:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for noREADME issues.
                        required:
                        - action
                      shrinkwrap:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for shrinkwrap issues.
                        required:
                        - action
                      tooManyFiles:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for tooManyFiles issues.
                        required:
                        - action
                      generic:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for generic issues.
                        required:
                        - action
                      ghaArgToSink:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for ghaArgToSink issues.
                        required:
                        - action
                      ghaEnvToSink:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for ghaEnvToSink issues.
                        required:
                        - action
                      ghaContextToSink:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for ghaContextToSink issues.
                        required:
                        - action
                      ghaArgToOutput:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for ghaArgToOutput issues.
                        required:
                        - action
                      ghaArgToEnv:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for ghaArgToEnv issues.
                        required:
                        - action
                      ghaContextToOutput:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for ghaContextToOutput issues.
                        required:
                        - action
                      ghaContextToEnv:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for ghaContextToEnv issues.
                        required:
                        - action
                      recentlyPublished:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for recentlyPublished issues.
                        required:
                        - action
                      licenseSpdxDisj:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for licenseSpdxDisj issues.
                        required:
                        - action
                      unsafeCopyright:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for unsafeCopyright issues.
                        required:
                        - action
                      licenseChange:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for licenseChange issues.
                        required:
                        - action
                      nonOSILicense:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for nonOSILicense issues.
                        required:
                        - action
                      deprecatedLicense:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for deprecatedLicense issues.
                        required:
                        - action
                      missingLicense:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for missingLicense issues.
                        required:
                        - action
                      nonSPDXLicense:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for nonSPDXLicense issues.
                        required:
                        - action
                      unclearLicense:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for unclearLicense issues.
                        required:
                        - action
                      mixedLicense:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for mixedLicense issues.
                        required:
                        - action
                      notice:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for notice issues.
                        required:
                        - action
                      modifiedLicense:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for modifiedLicense issues.
                        required:
                        - action
                      modifiedException:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for modifiedException issues.
                        required:
                        - action
                      licenseException:
                        type: object
                        additionalProperties: false
                        description: ''
                        properties:
                          action:
                            type: string
                            enum:
                            - defer
                            - error
                            - warn
                            - monitor
                            - ignore
                            description: The action to take for licenseException issues.
                        required:
                        - action
                      deprecatedException:
  

# --- truncated at 32 KB (311 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/socket-dev/refs/heads/main/openapi/socket-org-settings-api-openapi.yml