How can I export complete archive scan results from MetaDefender Core using the REST API (session_id + extraction APIs)?

This article applies to all MetaDefender Core V5 releases deployed on Windows systems.

Why this is needed

When scanning archives, the Core UI export may not include all archive-child details or the full set of extraction issues customers want to review. In those cases, you can authenticate via the REST API, then retrieve either (a) the top 100 extraction errors or (b) the full archive report including all extracted child files.

The examples below use PowerShell, Postman, and Linux curl, but none of these tools is mandatory. You can use any REST client that can send JSON requests and custom HTTP headers.

Prerequisites

MetaDefender Core base URL (for example http(s)://<core-host>:<core-port>)
A local/LDAP/AD user that can log in via API (username + password)
The data_id of the parent archive scan you want to report on (from scan history / prior submission).

POST /login returns a JSON response containing session_id (and oms-csrf-token). The session_id can be used as the apikey header for protected API calls.

PowerShell

Set your Core URL and credentials:

Call POST /login and capture session_id:

Postman

Create (or choose) an environment and add variables:

baseUrl = http://<core-host>:<core-port>
user = your username
password = your password

Create a request:

Method: POST
URL: {{baseUrl}}/login
Headers: Content-Type: application/json
Body (raw / JSON):

In Tests, store the returned session:

Linux curl tool

Set your Core URL and credentials:

Call POST /login:

Copy the returned session_id value and store it in a shell variable:

Fetch top 100 extraction errors inside an archive

This uses: GET /file/{data_id}/extraction-errors (described as “Fetch top 100 of extraction errors inside an archive”).

PowerShell

Set the target archive data_id:

Call the endpoint with the apikey header:

Postman

Add an environment variable:

data_id = <PARENT_ARCHIVE_DATA_ID>

Create a request:

Method: GET
URL: {{baseUrl}}/file/{{data_id}}/extraction-errors
Headers: apikey: {{session_id}}

Send → the response returns the extraction error list (top 100 per the endpoint description).

Linux curl tool

Set the target archive data_id:

Call the endpoint:

Fetch the full archive report including all extracted child files

This uses: GET /archive/{data_id} (described as “Fetch analysis reports containing all files in archive”).

PowerShell

Set the target archive data_id:

Call the endpoint with the apikey header:

Postman

Method: GET
URL: {{baseUrl}}/archive/{{data_id}}
Headers: apikey: {{session_id}}

Send → the response returns the archive-level report including all files extracted/analyzed under that archive scan.

Linux curl tool

Set the target archive data_id:

Call the endpoint with the apikey header:

Notes and common pitfalls

If you get an HTTP error code 403 (Forbidden) / 401 (Unauthorized), re-check that you are passing apikey: <session_id> (the session_id from /login is used as apikey).
If you get an HTTP error code 404 (Not found), confirm the data_id is correct and still retained by your Core retention policy (older scan artifacts may have been purged).

If Further Assistance is required, please proceed to log a support case or chatting with our support engineer.

Last updated on

Was this page helpful?

How can I export complete archive scan results from MetaDefender Core using the REST API (session_id + extraction APIs)?

Why this is needed

Prerequisites

PowerShell

Postman

Linux curl tool

Fetch top 100 extraction errors inside an archive

PowerShell

Postman

Linux curl tool

Fetch the full archive report including all extracted child files

PowerShell

Postman

Linux curl tool

Notes and common pitfalls

This Website Uses Cookies

Functional Cookies

Performance Cookies

Strictly Necessary Cookies

Targeting Cookies