Add dast filter doc [LK-1628] (#2490)

lventura-codacy · web-flow · commit dd539d5f35fd · 2025-09-30T14:00:34.000+01:00
* feat: Add documentation for filtering results per DAST target

* feat: Add documentation for filtering results per DAST target
diff --git a/docs/codacy-api/examples/triggering-dast-scans.md b/docs/codacy-api/examples/triggering-dast-scans.md
@@ -83,4 +83,11 @@ Replace the placeholders with your own values:
 -   **ORGANIZATION:** Name of the organization on the Git provider. For example, `codacy`. You must have admin permissions over the organization on the Git provider.
 -   **DAST_TARGET_ID:** Identifier of a DAST target to analyze (obtained in the [previous section](./triggering-dast-scans.md#creating-targets). For example, `457`. You must have admin permissions over the organization on the Git provider.
 
-Scans occur asynchronously. To monitor an ongoing scan you can use the [target management page in Codacy](../../organizations/managing-security-and-risk.md#app-scanning). Once completed, you can access all scan results by navigating to the **Security dashboard**, selecting the **Findings tab** and filtering by **Scan types > DAST/App scanning**.
+Scans occur asynchronously. To monitor an ongoing scan you can use the [target management page in Codacy](../../organizations/managing-security-and-risk.md#app-scanning). Once completed, you can access all scan results by navigating to the **Security dashboard**, selecting the **Findings tab** and filtering by **Scan types > DAST/App scanning**, or by clicking on a configured target to expand all of that target's results.
+Additionaly, you can use the `SearchSRMItems` endpoint to filter findings by their DAST target URL with the following request:
+```bash
+curl -X POST https://app.codacy.com/api/v3/organizations/gh/codacy/security/items/search \
+  -H "Accept: application/json" \
+  -H "api-token: {API_KEY}" \
+  -d '{"statuses":["OnTrack","Overdue","DueSoon"],"dastTargetUrls":["example.com]}'
+```
diff --git a/docs/organizations/images/security-risk-management-app-scanning-see-results.png b/docs/organizations/images/security-risk-management-app-scanning-see-results.png
diff --git a/docs/organizations/managing-security-and-risk.md b/docs/organizations/managing-security-and-risk.md
@@ -643,4 +643,11 @@ Once a scan completes, results will be available under the **Findings** tab. Use
 !!! note
     Currently, DAST findings are only visible to admin and organization admin roles.
 
+### Findings results for your DAST scans
+
+As previously mentioned, once a scan completes, results will be available under the **Findings** tab. Use the **Scan types > DAST/App scanning** filter to view relevant findings.
+Additionaly, you can click on a configured target to expand all of that target's results.
+
+![DAST target results](images/security-risk-management-app-scanning-see-results.png)
+
 Follow our [roadmap](https://roadmap.codacy.com) for updates on this feature.
