Skip to main content
GET
/
api
/
admin
/
security
/
threats
/
{incidentId}
Get a full Praxis Shield incident (with evidence + LLM assessments)
curl --request GET \
  --url https://pria.praxislxp.com/api/admin/security/threats/{incidentId} \
  --header 'x-access-token: <api-key>'
{
  "success": true,
  "incident": {
    "_id": "<string>",
    "severity": 2,
    "categories": [
      "<string>"
    ],
    "title": "<string>",
    "summary": "<string>",
    "user": "<string>",
    "userEmail": "<string>",
    "userFname": "<string>",
    "userLname": "<string>",
    "institutionIds": [
      "<string>"
    ],
    "institutions": [
      {
        "_id": "<string>",
        "name": "<string>"
      }
    ],
    "evidence": [
      {}
    ],
    "llmAssessments": [
      {}
    ],
    "reviewerNotes": [
      {
        "author": "<string>",
        "note": "<string>",
        "createdAt": "2023-11-07T05:31:56Z"
      }
    ],
    "reviewerActions": [
      {
        "author": "<string>",
        "action": "<string>",
        "metadata": {},
        "createdAt": "2023-11-07T05:31:56Z"
      }
    ],
    "firstSeenAt": "2023-11-07T05:31:56Z",
    "lastSeenAt": "2023-11-07T05:31:56Z"
  }
}

Authorizations

x-access-token
string
header
required

JWT token passed in x-access-token header

Path Parameters

incidentId
string
required

Response

The full incident

success
boolean
incident
object

Full incident document INCLUDING evidence and llmAssessments, plus resolved institutions/user name fields. Evidence and LLM-assessment text is attacker-influenced and MUST be rendered INERT by the client.