Discovery Apps (v1)

Endpoint URL

POST https://api-prod-eu-central-1.inappnavi.com/api/public/v1/{{tenantId}}/discovery/discoveryApps

Purpose

Retrieves a list of discovered applications for the specified time period, including usage metrics and other data displayed in the AppNavi UI.

Request Structure

When making a POST request to /discoveryApps ,include the authentication token in the header and include the following JSON body. Below is a common example; parameter names or structures may differ based on your final OpenAPI documentation:

Parameter	Type	Required	Description
`QueryParams`	`QueryParams`	Yes	The Additional data required to process API request

`QueryParams` Parameters:

Parameter	Type	Required	Description
`fromDate`	`string`	No	Start date in `YYYY-MM-DD HH:MM:SS` format. If provided, set `TimeRange` to `VIEW_CUSTOM_DAYS`.
`toDate`	`string`	No	End date in `YYYY-MM-DD HH:MM:SS` format. If provided, set `TimeRange` to `VIEW_CUSTOM_DAYS`.
`timeRange`	`string`	No	Possible values include `LAST_30_DAYS`, `VIEW_90_DAYS`, `VIEW_ALLTIME` and `VIEW_CUSTOM_DAYS`. If set to `VIEW_CUSTOM_DAYS`, you should provide `fromDate` and `toDate`. If not specified default to `LAST_30_DAYS`.
`page`	`integer`	No	The page number to retrieve data from. Defaults to 1.
`itemsPerPage`	`integer`	No	The number of items to retrieve per page. Defaults to 50, if not specified.
`displayedColumns`	`Array of Strings`	No	The list of property/column names to include in the response. Example: `["Url"]`. Defaults to all columns if not specified. Available `displayedColumns` are: "id", "title", "url", "vendor", "businessCapabilityNames", "hosting", "compliant", "userCount", "powerUserCount", "regularUserCount", "occasionalUserCount", "activityTime", "firstSeen", "lastSeen", "businessCapabilityIds", "managed", "appNaviApps", "subscriptionId", "isUBMActivated", "companyApp", "organizationalUnit", "shouldIncludeOrganizationalUnit", "shouldIncludeBusinessCapabilityNames", "privacyPolicy", "termsOfService", "category", "saasMeta", "applicationLogo", "archivedAt", "source", "bcSuggestions", "isBCTrackingEnabled", "criticalityLevel", "dataLocation", "dataLocationName", "hasSensitiveData", "isAIProductivityTool", "businessProcess", "businessProcessNames", "dataClassification", "dataClassificationNames"

Description of Fields

This table provides a detailed overview of all application fields, including their technical (API) names, data types, corresponding UI labels, descriptions and data sources. It helps map backend data structures to the user interface and clarifies whether each field is automatically populated or manually maintained.

Technical Name (API)	Type	UI Name	Description	Source
title	string	Title	Name of the application	Manual (Editable)
url	string	Application URL	Base URL of the app	Automatically
vendor	string	Vendor	Application provider	Manual / SaaS
businessCapabilityIds	Array	Business capabilities	Business mapping	Manual / Suggested
dataClassification	Array	Data classification	Defines the type and sensitivity level of data handled by the application	Auto / Derived (based on detected data patterns or policies)
businessProcess	Array	Business Process	Indicates which organizational process the application supports (e.g., HR, Finance, Marketing). Helps align apps with business functions.	Manual / Suggested
category	string	Category	App classification	Manual
hosting	string	Hosting	Specifies where the application is hosted (e.g., Private Cloud, Public cloud, On-Premise). Useful for security, compliance, and infrastructure decisions.	Auto / SaaS Metadata
compliant	boolean	Compliant	Indicates whether the application meets organizational or regulatory compliance standards. Typically shown as Yes/ No status based.	Derived / Policy-based
criticalityLevel	string	Criticality Level	Represents how critical the application is for business operations (e.g., Low, Medium, High, Mission Critical). Helps prioritize risk and incident handling. It can be shown as High, Medium and Low	Manual
dataLocation	string	Primary data location	Hosting/data region	Automatically
users	integer	Users	Total unique users	Automatically
powerUserCount	integer	Power Users	Users active > 4 days/week	Auto (Calculated)
regularUserCount	integer	Regular Users	Users active 2- 4 days/week	Auto (Calculated)
occasionalUserCount	integer	Occasional Users	Users active < 2 days/week	Auto (Calculated)
medianScore	string	Copy /Paste Count	Shows the qualitative score derived from the median based on events of copy and paste. High – Frequent copy/paste activity detected. Medium – Moderate level of copy/paste activity Low – Minimal or no copy/paste activity observed	Auto (if enabled)
hasSensitiveData	boolean	Sensitive data/PII	Indicates whether the application handles sensitive or personally identifiable information (PII). Used for risk classification and compliance checks. Shown as Yes/ No status based.	Automatically
inflowScore	string	PII Inflow Risk	Indicates personal data presence. This can be High, medium and Low. High – Significant amount of PII is being entered into the application. Medium – Moderate level of PII inflow detected Low – Little to no PII inflow observed	Automatically
outflowScore	string	PII Outflow Risk	Indicates sensitive data risk. This can be High, Medium and Low High – High volume of PII being copied or exported Medium– Moderate level of PII outflow detected Low– Minimal or no PII outflow observed	Automatically
isAIProductivityTool	boolean	AI Productivity Tool	Identifies AI-based tools. It is shown as Yes/ No status based.	Automatically
ssoUsageRatio	string	SSO Usage	Shows the usage of SSO on applications which are accessed via Single Sign-On (SSO). these can be High, medium or low High – Majority of users access the application via SSO Medium– Partial SSO adoption, mix of SSO and non-SSO access Low– Minimal or no SSO usage	Derived / Integration-based
activityTime	double	Avg. daily Activity duration	Represents the average time users spend on the application per day. Useful for measuring engagement and usage intensity.	Automatically
firstSeen	string	First Seen	First time app detected	Automatically
lastSeen	string	Last Seen	Last activity timestamp	Automatically

SaaS Catalog Data Inheritance

This table presents the relationship between applications and the SaaS catalog by indicating which fields are automatically inherited and which are maintained manually. Applications recognized in the SaaS catalog benefit from predefined metadata, ensuring consistency and reducing manual effort, while non-catalog applications require user-defined inputs.

Properties Inherited from SaaS Catalog	Description
Title	Name of the application
Vendor	Application provider
Category	App classification
Privacy Policy	Policy URL
Terms of Services	Legal terms URL
Sensitive Data	Indicates whether the application handles sensitive or personally identifiable information (PII).
AI Productivity Tool	Identifies AI-based tools
Data Classification	Defines the type and sensitivity level of data handled by the application
Business Capability Ids	Represents the unique identifiers of the business capabilities associated with the application. These IDs are used to map the application to specific organizational functions (e.g., Finance, HR, Marketing)
SaaS Meta	Contains metadata provided by the SaaS catalog for recognized applications. This may include predefined attributes such as vendor, category, hosting type, compliance information, and other standardized details used to enrich application data.
Application Id	A unique identifier assigned to each application within the system. It is primarily used for API operations, data retrieval, and internal referencing.
Application Logo	Represents the visual icon or logo of the application displayed in the UI. This helps users quickly identify applications. Logos may be automatically fetched from the SaaS catalog or manually uploaded for custom applications.

Example: Calling via Postman

Open Postman and create a new POST request.
Set the Request URL to:

https://api-prod-eu-central-1.inappnavi.com/api/public/v1/{{tenantId}}/discovery/discoveryApps

Compose the Body:
1. In the Body tab, choose raw and then JSON.
2. Enter the required parameters in the request body.

{
  "queryParams": {
    "page": 1,
    "itemsPerPage": 25,
    "fromDate": "2024-01-21 00:00:00",
    "toDate": "2025-01-21 00:00:00",
    "timeRange": "VIEW_CUSTOM_DAYS",
    "displayedColumns": ["url", "title", "vendor"]
  }
}

Authentication Bearer token
1. Acquire Authentication Token click

{
    "ClientId": "example-client-id",
    "ClientSecret": "exampleClientSecret"
}

Send the Request:
Click Send.
If everything is correct, you should receive a 200 OK response with a JSON payload containing the discovered apps data.

Response Behavior:

The result array contains objects with only the requested columns.
Each object inside result includes only the columns requested in the API query.
The structure of each object may vary depending on the requested fields.
errorMessage will be null if the request is successful; otherwise, it will contain error details.
metaData provides pagination information such as current page and items per page.

Example Response:

{
  "result": [
    {
      "title": "Example App",
      "url": "https://example.com",
      "vendor": "Example Vendor"
    }
  ],
  "errorMessage": null,
  "metaData": {
    "page": 1,
    "itemsPerPage": 25
  }
}