# Exemptions#CreateExemption Create a new Exemption Endpoint: POST /sto/api/v2/exemptions Version: 1.0 Security: ## Query parameters: - `accountId` (string, required) Harness Account ID Example: "abcdef1234567890ghijkl" - `orgId` (string, required) ID of the Harness Organization to which the exemption applies. Cannot be specified alongside "targetId". Example: "your_project" - `projectId` (string, required) ID of the Harness Project to which the exemption applies. You must also specify "orgId". Cannot be specified alongside "targetId". Example: "your_project" ## Header parameters: - `X-Api-Key` (string) Harness personal or service access token Example: "Qui repudiandae perferendis." ## Request fields (application/json): - `exemptFutureOccurrences` (boolean) States if the user wants to exempt future occurrences of the issue - `expiration` (integer) Unix timestamp at which this Exemption will expire Example: 1651578240 - `issueId` (string, required) Issue ID associated with the Exemption Example: "abcdef1234567890ghijkl" - `link` (string) Link to a related ticket Example: "https://example.com/ABC-1234" - `occurrences` (array) Array of occurrence Ids Example: [42,666] - `pendingChanges` (object, required) Example: {"durationDays":7} - `pendingChanges.durationDays` (integer) The number of days an issue should be exempted for Example: 7 - `pipelineId` (string) ID of the Harness Pipeline to which the exemption applies. You must also specify "projectId" and "orgId". Cannot be specified alongside "targetId". Example: "your_pipeline" - `reason` (string, required) Text describing why this Exemption is necessary Example: "Waiting on upstream bug fix" - `requesterId` (string, required) User ID of user who requested this exemptions Example: "user111111111111111111" - `scanId` (string) ID of the Harness Scan to determine all the occurrences for the scan-issue. You must also specify "projectId", "orgId" and "targetId". Cannot be specified alongside "pipelineId". Example: "abcdef1234567890ghijkl" - `search` (string) Search parameter to find filtered occurrences of the issue Example: "CWE-123,5" - `targetId` (string) ID of the Target to which the exemption applies. Cannot be specified alongside "projectId" or "pipelineId". Example: "abcdef1234567890ghijkl" - `type` (string, required) Type of Exemption (Compensating Controls / Acceptable Use / Acceptable Risk / False Positive / Fix Unavailable / Other) Enum: "Compensating Controls", "Acceptable Use", "Acceptable Risk", "False Positive", "Fix Unavailable", "Other" ## Response 200 fields (application/json): - `id` (string, required) Resource identifier Example: "abcdef1234567890ghijkl" ## Response 400 fields (application/json): - `message` (string, required) Example: "Not Found" - `status` (integer) Example: 404 ## Response 401 fields (application/json): - `message` (string, required) Example: "Not Found" - `status` (integer) Example: 404 ## Response 403 fields (application/json): - `message` (string, required) Example: "Not Found" - `status` (integer) Example: 404 ## Response 429 fields (application/json): - `message` (string, required) Example: "Not Found" - `status` (integer) Example: 404 ## Response 500 fields (application/json): - `message` (string, required) Example: "Not Found" - `status` (integer) Example: 404