Query reports

  • Reports contain results of app bundle analysis, including compliance checks and data monitoring.

  • Reports can be accessed programmatically using the Get and List methods of the Checks API.

  • You can specify which fields to return in a report using the fields URL query parameter, also known as a field mask.

  • Reports returned by the List method can be filtered using the filter URL query parameter based on specific criteria.

  • Checks within reports can be filtered using the checksFilter URL query parameter, which is supported by both Get and List methods.

  • The List method supports pagination using the pageSize and pageToken parameters.

A Report contains the result of a single app bundle analysis and includes the compliance checks and data monitoring results. Almost all data that is offered through the Compliance and Data Monitoring pages of the Checks Console can be accessed programmatically through reports.

The Checks API provides standard Get and List methods to access reports:

Select which fields to return

Because reports contain a lot of data, only the name and resultsUri fields are returned by default. To return a different set of fields, list them explicitly in the fields URL query parameter.

Example:

GET https://checks.googleapis.com/v1alpha/accounts/123/apps/456/reports/789?fields=name,checks(type,state)

Returns:

{
  "name": "accounts/123/apps/456/reports/789",
  "checks": [
    {
      "type": "PRIVACY_POLICY_UPDATE_DATE_RECENT",
      "state": "PASSED"
    },
    ...
  ]
}

Nested fields can be listed using the dot syntax or by enclosing them in parentheses.

For example,

fields=checks.type,checks.state

is equivalent to

fields=checks(type,state)

Parentheses can also be used recursively, as in:

fields=checks(type,state,evidence(permissions,sdks))

This allows expressions to be more concise.

The value of the fields query parameter is also known as a field mask. See Field masks to learn more.

Below are more field mask examples for the Get and List methods:

Get

Expression Output
* Returns all fields.
name,checks Returns name and all nested fields of checks.
name,checks(type,state) Returns name, checks.type, and checks.state.
name,dataMonitoring Returns name and all nested fields of dataMonitoring.

List

Expression Output
* Returns all fields.
reports(name,checks) Returns name and all nested fields of checks.
reports(name,checks(type,state)) Returns name, checks.type, and checks.state.
reports(name,dataMonitoring) Returns name and all nested fields of dataMonitoring.

Filter reports

You can filter reports returned by the List method by passing a filter expression using the filter URL query parameter.

Here are some examples:

Expression Output
appBundle.releaseType = PRE_RELEASE Returns only reports of pre-release app bundles.
appBundle.releaseType = PUBLIC Returns only reports of public app bundles.
appBundle.codeReferenceId = abc123 Returns reports where the codeReferenceId equals abc123.

Filtering by these field paths is not supported:

  • checks.evidence.dataTypes.dataTypeEvidence.endpoints.attributedSdks.sdk.id
  • checks.evidence.dataTypes.dataTypeEvidence.endpoints.endpointDetails.endpoint.domain
  • checks.evidence.dataTypes.dataTypeEvidence.privacyPolicyTexts.policyFragment.htmlContent
  • checks.evidence.privacyPolicyTexts.policyFragment.htmlContent
  • checks.evidence.sdkIssues.sdk.id
  • dataMonitoring.dataTypes.dataTypeEvidence.endpoints.attributedSdks.sdk.id
  • dataMonitoring.dataTypes.dataTypeEvidence.endpoints.endpointDetails.endpoint.domain
  • dataMonitoring.dataTypes.dataTypeEvidence.privacyPolicyTexts.policyFragment.htmlContent
  • dataMonitoring.dataTypes.dataTypeEvidence.privacyPolicyTexts.policyFragment.sourceUri
  • dataMonitoring.permissions.metadata.lastDetectedAppVersion
  • resultsUri

See AIP-160 to learn how to create more filter expressions.

Filter checks within reports

You can filter checks within reports by passing a filter expression using the checksFilter URL query parameter. Only checks that match the filter expression are included in the response. This parameter is supported by both the List and Get methods.

Here are some examples:

Expression Output
state = FAILED Includes only failed checks.
citations.type:GDPR Includes only checks related to GDPR.
state = FAILED AND citations.type:GDPR Includes only failed checks related to GDRP.
regionCodes:CA Includes only checks related to the Canada region.
state = FAILED AND severity = PRIORITY Includes only failed priority checks.

Filtering by these field paths is not supported:

  • evidence.dataTypes.dataTypeEvidence.endpoints.attributedSdks.sdk.id
  • evidence.dataTypes.dataTypeEvidence.endpoints.endpointDetails.endpoint.domain
  • evidence.dataTypes.dataTypeEvidence.privacyPolicyTexts.policyFragment.htmlContent
  • evidence.privacyPolicyTexts.policyFragment.htmlContent
  • evidence.sdkIssues.sdk.id

See AIP-160 to learn how to create more filter expressions.

Pagination

By default, the List method returns at most 10 reports. You can change this by setting the pageSize URL query parameter. The maximum value is 50.

The List method returns a nextPageToken when there are more results to fetch:

{
  "reports": [
    ...
  ],
  "nextPageToken": "CAEQ0ITI8K7ngAMaIDY3MThjNjQ3NGZmNzBhZGI4NWI5NjAyN2ViZmQ5MWVh"
}

Pass this token to the List method using the pageToken URL query parameter to fetch the next page of results.