{
"info": {
"_postman_id": "26f3770c-b998-4c84-b2ac-dbc5cbb67b42",
"name": "Appspider Enterprise REST API",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "1-Authentication Operations",
"item": [
{
"name": "/Authentication/Login",
"event": [
{
"listen": "test",
"script": {
"exec": [
"var jsonData = JSON.parse(responseBody);",
"postman.setEnvironmentVariable(\"Token\", jsonData.Token);"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"name\": \"{{Uname}}\",\n \"password\": \"{{Password}}\"\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Authentication/Login",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Authentication",
"Login"
]
},
"description": "User Account Login (logs you into a \"Client\")"
},
"response": []
},
{
"name": "/api/Employee",
"event": [
{
"listen": "test",
"script": {
"type": "text/javascript",
"exec": [
"var jsonData = JSON.parse(responseBody);",
"postman.setEnvironmentVariable(\"Token\", jsonData.Token);"
]
}
}
],
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"name\": \"{{Uname}}\",\n \"password\": \"{{Password}}\"\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/AppSpiderEnterprise/rest/v1/Authentication/Login",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"AppSpiderEnterprise",
"rest",
"v1",
"Authentication",
"Login"
]
},
"description": "User Account Login (logs you into a \"Client\")"
},
"response": []
},
{
"name": "/Authentication/Login - SA",
"event": [
{
"listen": "test",
"script": {
"exec": [
"var jsonData = JSON.parse(responseBody);",
"postman.setEnvironmentVariable(\"Token\", jsonData.Token);"
],
"type": "text/javascript"
}
}
],
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"name\": \"admin\",\n \"password\": \"R1DDJqB!!5c@\",\n \"clientId\": \"9e41eefa-18d0-41d7-b786-653b40a06f8d\"\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Authentication/Login",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Authentication",
"Login"
]
},
"description": "User Account Login (logs you in as an SA)"
},
"response": []
},
{
"name": "/Authentication/Encrypt",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
},
{
"key": "Content-Type",
"value": "application/json",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "\"stringToEncrypt\""
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Authentication/Encrypt",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Authentication",
"Encrypt"
],
"query": [
{
"key": "",
"value": "",
"disabled": true
}
]
},
"description": "Returns an encrypted string"
},
"response": []
}
]
},
{
"name": "2-Scan Engine Operations",
"item": [
{
"name": "/Engine/GetEngines",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token-Admin}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Engine/GetEngines",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Engine",
"GetEngines"
]
},
"description": "Retrieves the list of scan engines"
},
"response": []
},
{
"name": "/Engine/SaveEngine",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token-Admin}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "id",
"value": "",
"type": "text"
},
{
"key": "url",
"value": "http://InsertServer/AppSpiderEntScanEngine/default.asmx",
"type": "text"
},
{
"key": "virtualName",
"value": "InsertVirtualName",
"type": "text"
},
{
"key": "login",
"value": "InsertUserName",
"type": "text"
},
{
"key": "password",
"value": "InsertPassword",
"type": "text"
},
{
"key": "notes",
"value": "null",
"type": "text"
},
{
"key": "donotupdate",
"value": "false",
"type": "text"
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Engine/SaveEngine",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Engine",
"SaveEngine"
]
},
"description": "Creates or updates a scan engine"
},
"response": []
},
{
"name": "/Engine/DeleteEngine",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token-Admin}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"engineIds\":[\"8240def6-be88-4481-b18c-1bbbc36ec563\"]\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Engine/DeleteEngine",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Engine",
"DeleteEngine"
]
},
"description": "Deletes one or more scan engines"
},
"response": []
}
],
"description": "This section describes API methods for managing Scan Engines. Note that admin credentials are required to work with scan engines"
},
{
"name": "3-Scan Engine Group Operations",
"item": [
{
"name": "/EngineGroup/GetAllEngineGroups",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/EngineGroup/GetAllEngineGroups",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"EngineGroup",
"GetAllEngineGroups"
]
},
"description": "Retrieves the list of scan engine groups"
},
"response": []
},
{
"name": "/EngineGroup/GetEngineGroupsForClient",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/EngineGroup/GetEngineGroupsForClient",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"EngineGroup",
"GetEngineGroupsForClient"
]
},
"description": "Retrieves the list of scan engine for groups for client. Note: user permissions required to retrieve the list of scan engine groups"
},
"response": []
},
{
"name": "/EngineGroup/SaveEngineGroup",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "id",
"value": "",
"type": "text"
},
{
"key": "name",
"value": "Postman-Test",
"type": "text"
},
{
"key": "description",
"value": "test123",
"type": "text"
},
{
"key": "monitoring",
"value": "false",
"type": "text"
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/EngineGroup/SaveEngineGroup",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"EngineGroup",
"SaveEngineGroup"
]
},
"description": "Creates or updates a scan engine group"
},
"response": []
},
{
"name": "/EngineGroup/DeleteEngineGroup",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"engineGroupIds\":[\"9c60a7c4-d1a2-4fd9-afe3-ca8b19c532aa\"]\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/EngineGroup/DeleteEngineGroup",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"EngineGroup",
"DeleteEngineGroup"
]
},
"description": "Deletes a scan engine group"
},
"response": []
},
{
"name": "/EngineGroup/AddEngineToGroup",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "groupId",
"value": "insert Group ID",
"type": "text"
},
{
"key": "engineId",
"value": "Insert Engine ID for the engine you would like to add",
"type": "text"
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/EngineGroup/AddEngineToGroup",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"EngineGroup",
"AddEngineToGroup"
]
},
"description": "Adds a scan engine to a scan engine group"
},
"response": []
},
{
"name": "/EngineGroup/DeleteEngineFromGroup",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "groupId",
"value": "Insert Group ID",
"type": "text"
},
{
"key": "engineId",
"value": "Insert Engine ID for the engine you would like to add",
"type": "text"
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/EngineGroup/DeleteEngineFromGroup",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"EngineGroup",
"DeleteEngineFromGroup"
]
},
"description": "Deletes a scan engine from a scan engine group"
},
"response": []
}
],
"description": "This section describes API methods for managing Scan Engine Groups. Not that admin credentials are required to work with scan engines"
},
{
"name": "4-Scan Configuration Operations",
"item": [
{
"name": "DeleteConfigs ",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
},
{
"key": "Content-Type",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"configIds\":[\"b86418a4-7be2-48c4-9312-ca7cd8098b17\"]\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Config/DeleteConfigs",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Config",
"DeleteConfigs"
]
},
"description": "Deletes a scan config"
},
"response": []
},
{
"name": "/Config/SaveConfig",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
},
{
"key": "",
"name": "Content-Type",
"value": "",
"type": "text",
"disabled": true
},
{
"key": "",
"value": "",
"disabled": true
},
{
"key": "Content-Type",
"value": "",
"disabled": true
}
],
"body": {
"mode": "formdata",
"formdata": [
{
"key": "config",
"value": "{\n\n \"DefendEnabled\": false,\n \"MonitoringDelay\": 0,\n \"MonitoringTriggerScan\": false,\n \"Xml\": \"RoisinSelenium7.01000001Chrome107374182401005000-150050100300100300250215-125550025005005005005006000040004600400100400210010Smart(page|resource) (you requested )?(was not|cannot be) found|Page not found|404(.0)? - ((File (or directory )?not found)|(Not Found))|HTTP Status 404|404 Not Found]|\\\\\\\\d([-+]|%2[bd])\\\\\\\\d|repeat\\\\\\\\(|alert\\\\\\\\(|/x\\\\\\\\w{7}\\\\\\\\.txt|window.location|%20(AND|OR)%20|%3cscript|(ping|echo)%20|javascript(%3a|:)|%0d%0a]]>(auth|log[ -]?(in|on)|sign[ -]?(in|on)|profile|account|transfer|admin)0Case Sensitive0010000000000.950.8Disabled11111000http://www.webscantest.com/http://www.webscantest.com/*AllWildcardIncludehttp://*.www.webscantest.com/*AllWildcardIncludecssaxdpdfdocjpgjpeggifpngbmpicojstiffeotttfmidmidimp3mpegwavaviwoffsvgflaswfpdfdocjpgjpeggifpngbmpicodllexeeotttfmp3mp4wavwoffsvgtxtjscssjsonaudio/*image/*video/*application/pdfapplication/zipapplication/x-rar-compressedapplication/x-dviapplication/x-shockwave-flashapplication/mswordapplication/oggapplication/x-tarapplication/octet-streamtext/htmlhtml/*application/xhtml+xmltext/plaintext/csvtext/csstext/javascriptapplication/javascriptapplication/x-javascriptapplication/jsonapplication/x-httpd-php-sourceapplication/xml-dtdtext/xmlapplication/soap+xmlapplication/xml*.css*.js*.xml*.dtd*.axd*.json*/js/**/css/*pdfdocjpgjpeggifpngbmpicoexeswfmp3mp4waveotttfwofficosvgaudio/*image/*video/*application/pdfapplication/zipapplication/x-rar-compressedapplication/x-dviapplication/x-shockwave-flashapplication/mswordapplication/oggapplication/x-tarapplication/octet-stream14002002515250411100000036000^_*(ASP[.]NET_SessionId|VSTATE|VIEWSTATE(ENCRYPTED|FIELDCOUNT|GENERATOR|[0-9]*)|EVENT(VALIDATION|TTARGET|ARGUMENT)|COMPRESSEDVIEWSTATE|LASTFOCUS|CALLBACK(ID|FRAME|LOADSCRIPT|PARAM|INDEX)|SCROLLPOSITIONX|SCROLLPOSITIONY|utm.*|submit[.][x|y]|_ga|_gat|__utm[a|b|c|t|z|v|x])$RegexCrawl onlySmartSmart010Web Site|Directory|File|Web Resource|Parameter|Response AnalysisDirectory|File|Path|Query|Fragment|Post|Cookie|Referer|Http HeaderHTML|Form|AJAX|Flash|Silverlight|WSDL|REST0C0B05B9C334341B180D2494235FF8F99HighInformational1022000Web SiteHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTAnonymous Access059597A25A9504D5AAD20B74A4DCCABB7HighHigh100253000Directory|File|Web Resource|ParameterDirectory|File|Path|Query|Fragment|Post|Cookie|Referer|Http HeaderHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTApache Struts 2 Framework Checks09F6600FB2E7840E48B156790FEFAC10AHighInformational100253100Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTApache Struts Detection0929E08F60E084936B12C984ED0F5F47CHighHigh100254000ParameterPostHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTArbitrary File Upload0719FF94DEF014D29B16234909941E48EMediumLow25102000DirectoryHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTASP.NET Misconfiguration0B7CEE386C7C64618A510F3F8FED5400BMediumHigh25104000ParameterPost|CookieHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTASP.NET Serialization0865E5CE0E5144D3E899B825EC8603969MediumLow200502000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDLAutocomplete attribute013B4C758BA174200885A29CBA7346165MediumInformational100501000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDLBrowser Cache directive (web application performance)0E33B272027B844D5BBB8EDE541983474MediumLow150504000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTBrowser Cache directive (leaking sensitive information)0A8091DB7769C49ED9E844B9F19529AC1HighHigh522000Web ResourceHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTBrute Force (HTTP Auth)07F61DDD522C5439B9EAB4FC17B2F47AAHighHigh522000ParameterQuery|PostHTML|Form|AJAX|Flash|Silverlight|WSDLBrute Force (Form Auth)022E85EEA6883403982D8C298AEBC935AHighHigh2501004000ParameterDirectory|File|Path|Query|Post|Cookie|Referer|Http HeaderHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTBlind SQL0FD1C760270CE493D92F50C347C79218FLowLow100504000DirectoryHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTClients Cross-Domain Policy Files0A41D5AC842594BF086E9A96DD3353333LowInformational100504000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDLInformation Disclosure in comments0BBFCB66779ED4E7292C08F19E9BB45DFMediumLow502010000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTCookie attributes02227AE47A2AA40A6B6B1328AC13A6F0CLowLow100505000Web Resource|Response AnalysisAJAXCross Origin Resources Sharing (CORS)0F8A0814584594965B0AF68B4E190F566LowMedium25102000Response AnalysisHTML|Form|SilverlightCredentials over an insecure channel0C35E7D79DD6F4DA489BBF6BC1D9D012BMediumInformational100504000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTContent Security Policy Header081C9D7ED0E33447899D5CD20B978617BLowLow250502000Web ResourceHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTCross-Site Request Forgery (CSRF)03A586D24C653446196BAAC345FDE8C53MediumInformational20101000DirectoryHTML|Form|AJAX|Flash|Silverlight|WSDLCustom Directory Module0EE998B281CE840948E90BF2D61E4C5F9MediumInformational20101000ParameterDirectory|File|Path|Query|Fragment|Post|Cookie|Referer|Http HeaderHTML|Form|AJAX|Flash|Silverlight|WSDLCustom Parameter Module01DE8C004C53D4B89A41E6B98DC6FD3B4MediumInformational20101000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDLCustom Passive Module02CE90A403F704F80961E381BE19CCA2FMediumLow250501000DirectoryHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTDirectory Indexing0240EBB4A72024BA585833EB1F1AB4EC0LowInformational150504000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDLEmail Disclosure09B62D146FF00456388F9822A76F95841HighHigh100504000ParameterPath|Query|PostHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTExpression Language Injection0D07D5C8EF8664392A0CC1509A6DE5940LowLow100502000ParameterDirectory|Path|Query|Post|CookieHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTForced Browsing0FD28B5D41E064D37B5543CE22BBC6306MediumLow200502000Response AnalysisHTML|Form|SilverlightSensitive Data Exposure07B61BD81D278490C9B1A7B0568E94E30HighLow524000Web ResourceHTML|Form|AJAX|Flash|Silverlight|WSDLForm Session Strength05032DAF0D8FE4294B23F0D1DAA4C0337HighHigh251050000Web SiteHTML|Form|AJAX|Flash|Silverlight|WSDLFrontPage Checks0748E90FC47AB4B438C3A49660989B44AHighHigh25101000Web SiteHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTHeartbleed Check0EBEE6CA2515F4FBEB8B7EC0197C5A74FLowInformational2041000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTHTTP Strict Transport Security0F25AF6387E8A429F8E664F31E2974054LowLow2054000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTHTTP Authentication over insecure channel060B0D57597EF4542A15FCB8D907669B0LowLow2001001000Web ResourceHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTHTTPS Downgrade055D76EB20CE54C01856E43223232E3DDMediumInformational200504000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTHTTP Headers0DE08B6DDD872440E91347969D514CFD6HighHigh2001004000ParameterDirectory|File|Path|Query|Fragment|Post|Cookie|Referer|Http HeaderHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTHTTP Response Splitting01712CD453B074C78A8A561E0ED66DD1FLowLow200501000Web Site|Web Resource|Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTHTTPS Everywhere0881B35A841414BBAA05084A2A8CE7904LowInformational2041000Web ResourceHTML|Form|Flash|SilverlightHTTP User-Agent Check06A609D0096124619842EE23FA7C989B5LowInformational5002504000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTInformation Disclosure in response0E617D008F7534C808064D2B1A4BFE81AHighLow5002504100Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTInformation Leakage in responses0B86A3A67D710456898A9009DBF6A4989LowLow100504000Web ResourceHTML|Form|AJAX|Flash|Silverlight|WSDLJava Grinder0F10ACEB0A6804D0F93516428E64B46FDLowInformational1005004000Response AnalysisHTML|Form|AJAX|Flash|SilverlightJavaScript Memory Leaks0B7FD0D454CB246AC85A29AF53C27157FHighHigh100254000ParameterPath|Query|Post|CookieHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTLDAP Injection0FCD9A41AD39247C0B45A8D42FF7A4E5EHighInformational2501004000Response AnalysisHTML|Form|AJAXLocal Storage Usage0466E4CC294D94A11AFD50FD01D56261FMediumLow100504000Parameter|Response AnalysisPath|Query|Post|Cookie|RefererHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTBusiness logic abuse attacks07D06B46D915644E9870F4A6B903FC09FHighHigh1011000ParameterPath|Query|Post|Cookie|RefererHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTNginx NULL code099E5E4DD1B734047B95402FB7C76BEC3MediumHigh2001004000ParameterFile|Path|Query|PostHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTOS Commanding02934BC76771C4016BD3524B432CEBCA8HighHigh250505000ParameterQuery|PostHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTOut of Band Stored Cross-site scripting (XSS)0A62D1481CB394632B06C0C54FCDD0579HighMedium250505000ParameterQuery|PostHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTOut of Band Cross-site scripting (XSS)0A8AB603EABC04875A5B2320CF6990C24HighMedium5002504000ParameterPath|Query|Post|Cookie|RefererHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTParameter Fuzzing0FAC53175FF1E4478AA6D3E2DD4D66B6DHighLow1022100Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTCredentials stored in clear text in a cookie.0243C315A46A14C92A2717A29A4290167MediumInformational20010010000Response AnalysisHTML|Form|SilverlightCollecting Sensitive Personal Information0B97A29683AEE4AA2B94FC26BFC2694A9HighMedium100504000ParameterQuery|Post|CookieHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTPHP Code Execution0AFF041E38E444889B271CDE1B24378EALowInformational25010010000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTPrivacy Disclosure0433C43A54C714F08B822B7932D410A78MediumLow1024000Web Resource|Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTPrivilege Escalation0ED2E98EFF9A14BF7ACA06A7B28FF97BELowInformational200504000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTProfanity00AE25E41D6F44F29900104EF86B04191LowSafe5002504000ParameterDirectory|File|Path|Query|Post|CookieHTML|Form|AJAX|Flash|Silverlight|WSDLReflection08CB2F93CE7F243B98D3C83A9A3E6EA4BMediumMedium10002504000Directory|File|ParameterQuery|Post|CookieHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTFile Inclusion063430695B68941DF99BF242F5AE1674BLowInformational50102000Web ResourceHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTHTTP Verb Tampering0D8741C7560B8431A9AE74E9B4FEB4F45LowLow2005010000Web Site|Directory|FileHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTPredictable Resource Location013623AA162FA4488852116B7EC0DE49EMediumMedium2501004000ParameterQueryHTML|FormReverse Clickjacking0A418163442A54BB9BB0F1E591881A835HighLow25101000Web SiteHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTReverse Proxy02C7D393BABA44517B0A37DC8ADCF9630LowLow200504000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDLInformation Disclosure in scripts007BD211A580944E591F78B40FF3F3489LowInformational250503000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTSecure and non-secure content mix01CBEA71A88844A11A4CD6ABAA2FD7F62LowLow100504000Response AnalysisHTML|Form|SilverlightSensitive data over an insecure channel034A0F038EFA248B594E7F17447F4CF2EHighInformational1021000Web Site|Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTServer Configuration0DC8E0D09314B44D39915AAF8439B4F53MediumMedium150504000ParameterDirectory|File|Path|Query|Fragment|Post|Cookie|Referer|Http HeaderHTML|Form|AJAXServer Side Include (SSI) Injection00F5408AB9FF94320AA58FCFE80EDEF59HighHigh200504000ParameterPath|Query|Post|CookieHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTServer Side Template Injection0DB1340E1857540219DF84A6A9DC0494CHighMedium25102000Web ResourceHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTSession Fixation06B1B2812012D41249BDEE83FFAEB523DLowLow1041000ParameterDirectory|Path|QueryHTML|Form|AJAX|Flash|Silverlight|WSDLHTTP Query Session Check0F729A70998064A1F99A8BEA8512D31AEMediumLow1024000Web ResourceHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTSession Strength00DB2C1311DA74B80A153A8733C74D6CCMediumLow50104000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTSession Upgrade07A7B3239AB8146839A8AEF170807ED1ELowMedium100504000FileHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTSource Code Disclosure059646365E0E44520BE4297C3ABAA7E75HighLow2501004100Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTSQL Information Leakage0B6F559D374B5451EB424A1C1FB264FA6HighHigh5002004000ParameterDirectory|File|Path|Query|Post|Cookie|Referer|Http HeaderHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTSQL Injection00496353D92704F2E942BFE1B575D9B7CHighHigh25104000ParameterPath|Query|PostHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTSQL Injection Auth Bypass0CEB40EE490564D60B4F9B3CE79C009B5MediumMedium100504000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTSQL Parameter Check0C5805272001249A095A48F2E56240C10MediumInformational2510100000Web SiteHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTSSL Strength05D9A66E5961B4644AAF5EC655E18EE66MediumInformational501020000Web SiteHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTSubdomain discovery09A22444AC7C642ABBC598CBCA4738C3BHighMedium40104000ParameterPath|Query|Post|CookieHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTUnvalidated Redirect0B69E83831D26496BB2CC0C0D70181EC3HighLow40104000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTURL rewriting04DE84100F31849A7B845FE5F62D2FD7AMediumMedium25102000Response AnalysisHTML|FormASP.NET ViewState security00BE4C251F44C4CF1924104ADFD86289CLowInformational100254000Web ResourceHTML|Form|Flash|SilverlightWeb Beacon074FB936F2BBA499F8D0AF3B7A29B4F9EHighLow30104000Web SiteHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTCross-site tracing (XST)0377030BFE58A4F01A112295D32A0744CHighMedium2501004000ParameterPostHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTWeb Service Parameter Fuzzing08399FA8EDF5C41BC9D3CF85DC23DC26BLowInformational2052000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTX-Content-Type-Options03E2E60F7D0E04D8596918C2D1F639064LowInformational50102000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTX-Frame-Options0615D72F401BC447AB4A2139654BC9945LowInformational2552000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTX-XSS-Protection0ABFA075919804435A25A22A8CAC191DFHighMedium100504000ParameterPath|Query|Post|CookieHTML|Form|AJAXXML External Entity Attack0BBE9F36A88A944ECB837D5193D356E4CMediumHigh100504000ParameterPath|Query|PostHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTXPath Injection06CEF426D33514825B50741616DB2120BLowInformational2552000Response AnalysisHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTX-Powered-By046A8FE469F6C44BFB9946C021A2BCDC8HighMedium250504000Response AnalysisHTML|Form|AJAXCross-site scripting (XSS), (DOM based)0BD57F92E956A493DA39ADDF215B29D96HighMedium100504000Web ResourceAJAXCross-site scripting (XSS), (DOM based reflected via AJAX request)062AA6A08FA764E209551B4A4C479F08DHighHigh100504000Response AnalysisHTML|Form|AJAXPersistent Cross-site scripting (XSS) (passive)0050ABD8CF99F4EE4AA18C12F06FA3051HighHigh250505000ParameterDirectory|File|Path|Query|Post|Cookie|RefererHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTPersistent Cross-site scripting (XSS), (active)0ABEB2E590AA24A39BB6FE7DBD6338277HighMedium4001505000ParameterDirectory|File|Path|Query|Post|Cookie|RefererHTML|Form|AJAX|Flash|Silverlight|WSDL|RESTReflected Cross-site scripting (XSS)0FFBF4640C8A4475E93E099018951B409MediumMedium2501004000ParameterFile|Query|PostHTML|Form|AJAXReflected Cross-site scripting (XSS), (simple)038354857D10048B68A34CD2E3EBC3B52HighHigh754falsefalse1640630FF01402DB70848D88ACB0736B6E4BCF5HighLow44falsefalse8010F74CCB3314134B21A3B5D5D78BECEADBHighHigh2504falsefalse22168630667629EC1FDC4C6D98B5F4031717BB9BMediumLow2504falsefalse2063031E0A650FB944E689DF46B7A98F35A5FLowLow1004falsefalse320310/aaaaaaaa.aaa/aaaaaaaa/10Selenium00110011010011RestrictedMedium((log|sign)[ -]?(in|on))|auth(sign|log)[ -]?(out|off)please (re)?login|have been logged out|session has expiredLocation: [^\\\\\\\\n]{0,100}((sign|log)(in|on|out)|unauthenticated)\\\\\\\\b(sign|log|time)[ -]?(in|on|out|off)|password(sign|log|time)[ -]?(in|on|out|off)\\\\\\\\b(CFID|CFTOKEN|SESSION|JSESSIONID|ASPSESSIONID[A-Z0-9]+|PHPSESSID|ASP[.]NET_SessionId)\\\\\\\\b32601005010103Login Form DiscoveryLogin600001160032780/authorizeNullNullAzureResponseModeNullAzurePrompthttps://graph.windows.net0:10:01Internet Explorer0113000200001101C:\\\\\\\\Users\\\\\\\\rgrimley.TOR\\\\\\\\Postman\\\\\\\\files\\\\\\\\works.bat00-101000020000Internet Explorer Settings002502502508280.751.250.2510.751.25NoCert-301800270000006000060000600006000018000000255000SSL3|TLS1advise_rasp_of_scan0:03:0016120010102097152005028000100524288000704002400009000000012418759311321474836482147483648107374182410737418240HTTP/1.1text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8gzip, deflateen-USMozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.360AuthorizationX-XSRF-TOKENX-CSRF-TokenSmartUsernametext,textareaenuser[:space:]*name|member[:space:]*(name|id)|user|login|usr.(name|id)%RANDALPHANUM%RegexPasswordpasswordenpassword|passwd|pw|pwd%RANDALPHANUM%$RegexSocial Security Numbertext,textarea,passwordenSSN|social|security987-65-4320RegexAddresstext,textareaenincome100000RegexAddresstext,textareaenaddress|street600 Fairy Land DriveRegexApartment numbertext,textareaenaddress|apartment|house123RegexFirst nametext,textareaennameJohnRegexLast nametext,textareaenlast[:space:]*name|surnameJohnsonRegexFull nametext,textareaen(your|full)[:space:]+name|nameJohn JohnsonRegexUser Signaturetext,textareaensignatureJohn JohnsonRegexMiddle nametext,textareaenmiddle[:space:]+nameLRegexCitytext,textareaencity|townCosta MesaRegexCountytext,textareaencountyOrangeRegexStatetext,textareaenstateCARegexZip codetext,textareaenzip[:space:]*code|post[:space:]*code|postal[:space:]*code|zip92626RegexCountrytext,textarea,selectenunited[:space:]*states|countryUSusRegexPhone numbertext,textareaentele[:space:]*phone|fax|phone123-456-7890RegexPhone area codetext,textareaenarea[:space:]+code123RegexCompany nametext,textareaencompany|employer|organizationExampleRegexEmailtext,textareaene[-_]?mail([-_]?address)?a%RANDALPHANUM%@example.comRegexBirthdaytext,textareaenbirth[:space:]day|birth12/25/1975RegexDaytext,textarea,selectendd|day2525RegexMonthtext,textarea,selectenmm|month1212|dec|dRegexFutureYeartext,textarea,selecten2015|2016|201720162015|2016|2017RegexBirthYeartext,textarea,selectenyyyy|year|1975|1970|1960|19501975|1970|1960|1950RegexPast Date mm/dd/yyyytext,textareaen(start|from)[-\\\\\\\\s_]*date02/02/2003RegexFuture Date mm/dd/yytext,textareaenmm/dd/yy02/02/15RegexFuture Date mm/dd/yyyytext,textareaenmm/dd/yyyy|check.in|check.out|departing|returning|appointment|after|arrival|departure|(end|to)[-\\\\\\\\s_]*date02/02/2015RegexOld passwordpasswordenold[:space:]+password%RANDALPHANUM%1'RegexAccept termscheckbox,radioenyes|1|onRegexSave logincheckbox,radio,selectensave|rememberyes|1|onRegexRemove itemcheckbox,radioenremove|deleteRegexSearchtext,textareaenkeyword|search|querywaterRegexQuantitytext,textarea,selectenquantity|amount|number|qty|num3RegexNumbertext,textareaennumber|count|nmr|cnt|rate|decimal|digit21RegexAccount Numbertext,textarea,select,radio,checkboxenaccount20RegexShipping methodselect,radio,checkboxenshipping|fedex|standard|upsfedex|standard|upsRegexGiftcheckboxengiftyes|1|onRegexCredit card numbertext,textarea,passwordencredit[:space:]*card|card[:space:]*number5105105105105100RegexCredit card typeselect,checkbox,radioenmaster[:space:]*card|master|visa|diners|diners[:space:]*club|discovery|american[:space:]*express|amexRegexCredit card security codetext,textarea,passwordensecurity[:space:]*code|verification[:space:]*number123RegexPINtext,textarea,passwordenPIN1234RegexCAPTCHAtext,textareaencode[:space:]*shown|captcha%RANDALPHANUM%RegexSizeselectensize|xxl(\\\\\\\\b(m|s|42)\\\\\\\\bRegexColorselecten\\\\\\\\b(color|red|black)\\\\\\\\bBlue\\\\\\\\b(blue|red|black)\\\\\\\\bRegexPricetext,textareenprice20RegexAttentiontext,textareenattentionJohnRegexGenderselect,radioengender|male|femalemale\\\\\\\\b(male|m|f)\\\\\\\\bRegexLegal agecheckbox,radioenlegal|\\\\\\\\d\\\\\\\\d[:space:]*years[:space:]*oldyes\\\\\\\\b(on|1|yes)\\\\\\\\bRegexCoupon codetext,textareaenpromotion|coupon%RANDALPHANUM%RegexSend messagetext,textareaenmessage|comment|complain|enquiry|reviewcommentRegexExisting usercheckbox,radioenreturning|existing|customer\\\\\\\\b(on|1|yes)\\\\\\\\bRegexAgetext,textareaenage|under|over40RegexPassphrase Hinttext,textareaenWhat make|pet's name|your father|high school|friendWhat make was your first car?RegexPassphrase Hint Answertext,textareaenAnswerFordRegexDoctor nametext,textareaendoctorJohn JohnsonRegexWebsitetext,textareaenwebsitewww.example.comRegexAddresstext,textareadeadresse|strasse600 Fairy Land DriveRegexApartment numbertext,textareadeadresse|wohnung|haus123RegexFirst nametext,textareadenameJohnRegexLast nametext,textareadevorname|nameJohnsonRegexFull nametext,textareadeihren namen|nameJohn JohnsonRegexUser Signaturetext,textareadeunterschriftJohn JohnsonRegexCitytext,textareadestadt|stadtBerlinRegexRegierungsbezirketext,textareaderegierungsbezirkeBerlinRegexZip codetext,textareadepostleitzahl|zip|ZIP|PLZ|Postleitzahl10115RegexCountrytext,textareade\\\\\\\\b(deutschland|land)\\\\\\\\bDE\\\\\\\\bDE\\\\\\\\bRegexPhone numbertext,textareadetelefon|telefon|fax(1234) 567890RegexPhone area codetext,textareadevorwahl123RegexCompany nametext,textareadeunternehmen|arbeitgeber|organisationExampleRegexEmailtext,textareadeE[-_]Mailadresse|email|E[-_]Maila%RANDALPHANUM%@example.comRegexBirthdaytext,textareadegeburtstag|geburt12/25/1975RegexDaytext,textareadetag25RegexMonthtext,textareademonat12RegexYeartext,textareadeJahr2007RegexBirthYeartext,textareadeJahr|1975|1970|1960|19501975RegexPast Date mm/dd/yytext,textareadeDatum|d.m.yyyy|dd.mm.yyyy02.02.03RegexPast Date mm/dd/yyyytext,textareadeDatum|mm/dd/yyyy02/02/2003RegexFuture Date mm/dd/yytext,textareadeMJPYBZHSWwshWRRFSGWAGEQ2hlY2staW58WnVyIEthc3NlfEFiZmFocnR8UsO8Y2trZWhyfGQubS55fGRkLm1tLnl5fFRlcm1pbg==02/02/11RegexFuture Date mm/dd/yyyytext,textareadeMJPYBZHSWwshWRRFSGWAGEQ2hlY2staW58WnVyIEthc3NlfEFiZmFocnR8UsO8Y2trZWhyfFRlcm1pbnxkZC5tbS55eXl502/02/2011RegexUsernametext,textareadeBenutzername|Mitgliedsnamen|Benutzer%RANDALPHANUM%RegexPasswordpassworddepassword|passwort|passwd%RANDALPHANUM%1'RegexOld passwordpassworddealte[:space:]passwort%RANDALPHANUM%1'RegexAccept termscheckbox,radiodeIch habe gelesen und akzeptiere|Ich habe gelesen und akzeptiere|akzeptieren|vereinbaren|AGB|Nutzungsbedingungen|AGBRegexRemove itemcheckbox,radiodeMJPYBZHSWwshWRRFSGWAGEZW50ZmVybmVufGzDtnNjaGVuRegexSearchtext,textareadeMJPYBZHSWwshWRRFSGWAGEw5xiZXJzaWNodHxTdWNoZXxBbmZyYWdlwaterRegexQuantitytext,textareadeqty|Menge|Betrag|Anzahl3RegexNumbertext,textareadeAnzahl|NMR|cnt|bewerten|dezimal|stellige21RegexAccount Numbertext,textareadeKonto3456RegexShipping methodselectdeVersandRegexGifttext,textareadeGeschenkRegexCredit card numbertext,textareadeKreditkarte|Kredit|Kartennummer5105105105105100RegexCredit card typetext,textareadeMasterCard|Master|Visum|Diners|Diners Club|Entdeckung|American ExpressMasterRegexCredit card security codetext,textareadeMJPYBZHSWwshWRRFSGWAGES3JlZGl0fFNpY2hlcmhlaXRzLUNvZGV8UHLDvGZudW1tZXI=123RegexCAPTCHAtext,textareadecaptcha[%RANDALPHANUM%RegexBack buttonbutton,image,submitdeMJPYBZHSWwshWRRFSGWAGEenVyw7xja3xyZXR1cm58c3Rvcm5pZXJlbnx2b3JoZXJpZ2V8d2VpdGVyIGVpbmthdWZlbg==RegexLogout buttonbutton,image,submideAbmeldung|Abmeldung|ausloggen|(sign|log)-?(off|out)RegexLogin buttonbutton,image,submide(log|sign)-?inRegexSizeselectdeMJPYBZHSWwshWRRFSGWAGER3LDtnNzZXxYWEw=mm|s|42RegexColorselectdeFarbeBlueRegexEnter pricetext,textareadePreis20RegexAttentiontext,textareadeAufmerksamkeitJohnRegexGenderselect,radio,checkboxdeGeschlecht|Herrenmm|hRegexLegal ageselect,radio,checkboxderechtliche|\\\\\\\\d\\\\\\\\d[:space:]*Jahrejaja|yes|1|onRegexCoupon codetext,textareadeMJPYBZHSWwshWRRFSGWAGERsO2cmRlcnVuZ3xHdXRzY2hlaW4=111RegexSend messagetext,textareadeNachricht|Kommentar|beschweren|Anfrage|KritikcommentRegexAgetext,textareadeAlter|unter|mehr40RegexPassphrase Hinttext,textareadeWas machen|Name des Haustieres|Ihr VaterWhat make was your first car?RegexPassphrase Hint Answertext,textareadebeantwortenFordRegexDoctor nametext,textareadeArztJohn JohnsonRegexjscssdocjpgjpeggifpngbmpicoexeswfmp3waveot*font*audio/*image/*video/*application/pdfapplication/zipapplication/x-rar-compressedapplication/x-dviapplication/x-shockwave-flashapplication/mswordapplication/oggapplication/x-tarapplication/octet-stream10132768Chrome([?]wsdl|[.]wsdl)$10Hashed1en011111111111110101111111000111011101111100010111110110100001111Alert02019-01-04 03:26:412019-01-04 03:26:4143469 Days, 3:26:411Unknown11899-12-30 00:00:00csrfNot DefinedNot DefinedNot DefinedNot DefinedNot DefinedNot DefinedNot DefinedNot Defined1=./;=\\\\\\\\d+-1\",\n \"Id\": null,\n \"Name\": \"RoisinSelenium\",\n \"ClientId\": \"9e41eefa-18d0-41d7-b786-653b40a06f8d\",\n \"EngineGroupId\": \"e6483e35-1a5e-460a-98b1-0618d5042dab\",\n \"Monitoring\": false,\n \"IsApproveRequired\": false\n }",
"type": "text"
},
{
"key": "Selenium",
"type": "file",
"src": "works.bat"
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Config/SaveConfig",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Config",
"SaveConfig"
]
},
"description": "Creates or updates a scan configuration\n\nJSON Example:\n\n{ \"DefendEnabled\": false, \"MonitoringDelay\": 0, \"MonitoringTriggerScan\": false, \"Xml\": \"...\", \"Id\": null, \"Name\": \"Webscantest\", \"ClientId\": \"4b3c1f62-8a19-4c81-a9d8-061aeb758ddd\", \"EngineGroupId\": \"92bfcd05-239a-4a90-ade7-5b637e3cb877\", \"Monitoring\": false, \"IsApproveRequired\": false }"
},
"response": []
},
{
"name": "/Config/GetConfigs",
"protocolProfileBehavior": {
"disableBodyPruning": true
},
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
},
{
"key": "Content-Type",
"name": "Content-Type",
"value": "application/json",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": ""
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Config/GetConfigs",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Config",
"GetConfigs"
]
},
"description": "Retrieves scan configs for the client"
},
"response": []
},
{
"name": "/Config/GetConfigs Paging",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Config/GetConfigs?page=2&pageSize=250",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Config",
"GetConfigs"
],
"query": [
{
"key": "page",
"value": "2"
},
{
"key": "pageSize",
"value": "250"
}
]
},
"description": "Retrieves scan configs for the client"
},
"response": []
},
{
"name": "/Config/GetConfig",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Config/GetConfig?Id=insert Id",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Config",
"GetConfig"
],
"query": [
{
"key": "Id",
"value": "insert Id"
}
]
},
"description": "Retrieves a specified scan config"
},
"response": []
},
{
"name": "/Config/GetAttachment",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Config/GetAttachment?configId=insert configid&fileName=insert fileName to retrieve&fileType=insert file type",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Config",
"GetAttachment"
],
"query": [
{
"key": "configId",
"value": "insert configid"
},
{
"key": "fileName",
"value": "insert fileName to retrieve"
},
{
"key": "fileType",
"value": "insert file type"
}
]
},
"description": "Retrieves auxiliary files (such as macro, traffic recording, etc), referenced in the scan config\n\nfileType:\nValues are: \"Authentication\", \"Certificate\", \"Crawling\", \"Selenium\", \"Traffic\", \"Wsdl\""
},
"response": []
},
{
"name": "/Config/GetAttachments",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Config/GetAttachments?configId=insert configId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Config",
"GetAttachments"
],
"query": [
{
"key": "configId",
"value": "insert configId"
}
]
},
"description": "Retrieves all auxiliary files (such as macro, traffic recording, etc), referenced in the scan configuration."
},
"response": []
},
{
"name": "/Config/GetConfigsByTargetId",
"protocolProfileBehavior": {
"disableBodyPruning": true
},
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
},
{
"key": "Content-Type",
"name": "Content-Type",
"value": "application/json",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": ""
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Config/GetConfigs?targetId=insert targetId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Config",
"GetConfigs"
],
"query": [
{
"key": "targetId",
"value": "insert targetId"
}
]
},
"description": "Retrieves the configs for the target id"
},
"response": []
},
{
"name": "/Config/GetConfigsByTargetId?page=0&pageSize=10",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"type": "text",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Config/GetConfigs?targetId=insert targetId&page=0&pageSize=10",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Config",
"GetConfigs"
],
"query": [
{
"key": "targetId",
"value": "insert targetId"
},
{
"key": "page",
"value": "0"
},
{
"key": "pageSize",
"value": "10"
}
]
},
"description": "Retrieves the configs for the target id with paging"
},
"response": []
},
{
"name": "/Config/SaveConfigsXml",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Config/SaveConfigsXml",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Config",
"SaveConfigsXml"
]
},
"description": "Saves all the scan configs and their associated traffic files"
},
"response": []
}
],
"description": "This section describes API methods for managing Scan Configurations. Note that the user should have \"Config Manager\" permissions to work with configs"
},
{
"name": "5-Blackout Operations",
"item": [
{
"name": "/Blackout/GetBlackouts",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Blackout/GetBlackouts",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Blackout",
"GetBlackouts"
]
},
"description": "Retrieves the blackout list for the client"
},
"response": []
},
{
"name": "SaveBlackout",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "id",
"value": "",
"type": "text"
},
{
"key": "name",
"value": "Postman-Test",
"type": "text"
},
{
"key": "startTime",
"value": "2016-09-18T20:30:00",
"type": "text"
},
{
"key": "stopTime",
"value": "2016-09-19T09:00:00",
"type": "text"
},
{
"key": "targetHost",
"value": "www.webscantest.com",
"type": "text"
},
{
"key": "isRecurring",
"value": "true",
"type": "text"
},
{
"key": "recurrence",
"value": "{ \"End\": null, \"Type\": 0, \"DuringWeekday\": 127, \"Repeat\": 1, \"DayNumber\": 1, \"WeekOfMonth\": 1, \"Month\": 1, \"OccurrenceCount\": 1, \"Range\": 0 }",
"type": "text",
"disabled": true
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Blackout/SaveBlackout",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Blackout",
"SaveBlackout"
]
},
"description": "Creates or updates a blackout"
},
"response": []
},
{
"name": "DeleteBlackouts",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "",
"value": "",
"type": "text",
"disabled": true
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Blackout/DeleteBlackouts",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Blackout",
"DeleteBlackouts"
]
},
"description": "Removes a blackout"
},
"response": []
}
],
"description": "This section describes API methods for managing Blackouts. Note that the user should have \"Blackout Manager\" permissions to work with blackouts"
},
{
"name": "6-Scan Management",
"item": [
{
"name": "/Scan/GetScans",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/GetScans",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"GetScans"
]
},
"description": "Retrieves the scans list for the client"
},
"response": []
},
{
"name": "/Scan/RunScan",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "configId",
"value": "2158445a-6e46-4861-99dc-fa22e8f69530",
"type": "text"
},
{
"key": "configName",
"value": "rest_val_test",
"type": "text"
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/RunScan",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"RunScan"
]
},
"description": "Start a scan. One of parameters should be provided to start scan."
},
"response": []
},
{
"name": "/Scan/CancelScan",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "scanId",
"value": "insert scan id",
"type": "text"
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/CancelScan",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"CancelScan"
]
},
"description": "Cancels “Starting” or “Waiting for Cloud” scan "
},
"response": []
},
{
"name": "/Scan/PauseScan",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "scanId",
"value": "insert scan id",
"type": "text"
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/PauseScan",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"PauseScan"
]
},
"description": "Pauses a running scan "
},
"response": []
},
{
"name": "/Scan/ResumeScan",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "scanId",
"value": "insert scan id",
"type": "text"
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/ResumeScan",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"ResumeScan"
]
},
"description": "Resumes a paused scan "
},
"response": []
},
{
"name": "/Scan/StopScan",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "scanId",
"value": "insert scan id",
"type": "text"
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/StopScan",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"StopScan"
]
},
"description": "Stops a running scan "
},
"response": []
},
{
"name": "/Scan/PauseAllScans",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "raw",
"raw": ""
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/PauseAllScans",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"PauseAllScans"
]
},
"description": "Pauses all running scans for the client"
},
"response": []
},
{
"name": "/Scan/ResumeAllScans",
"request": {
"method": "POST",
"header": [],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "",
"value": "",
"type": "text",
"disabled": true
},
{
"key": "",
"value": "",
"type": "text",
"disabled": true
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/ResumeAllScans",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"ResumeAllScans"
]
},
"description": "Start a scan. One of parameters should be provided to start scan."
},
"response": []
},
{
"name": "/Scan/StopAllScans",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "",
"value": "",
"type": "text",
"disabled": true
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/StopAllScans",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"StopAllScans"
]
},
"description": "Start a scan. One of parameters should be provided to start scan."
},
"response": []
},
{
"name": "/Scan/CancelAllScans",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "urlencoded",
"urlencoded": [
{
"key": "",
"value": "",
"type": "text",
"disabled": true
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/CancelAllScans",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"CancelAllScans"
]
},
"description": "Start a scan. One of parameters should be provided to start scan."
},
"response": []
},
{
"name": "/Scan/GetScanStatus",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/GetScanStatus?scanId=insert scanId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"GetScanStatus"
],
"query": [
{
"key": "scanId",
"value": "insert scanId"
}
]
},
"description": "Retrieves the scan status represented by a string"
},
"response": []
},
{
"name": "/Scan/IsScanActive",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/IsScanActive?scanId=insert scanId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"IsScanActive"
],
"query": [
{
"key": "scanId",
"value": "insert scanId"
}
]
},
"description": "Tests whether the specified scan is active"
},
"response": []
},
{
"name": "/Scan/IsScanFinished",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/IsScanFinished?scanId=insert scanId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"IsScanFinished"
],
"query": [
{
"key": "scanId",
"value": "insert scanId"
}
]
},
"description": "Tests whether the specified scan was completed"
},
"response": []
},
{
"name": "/Scan/HasReport",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/HasReport?scanId=insert scanId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"HasReport"
],
"query": [
{
"key": "scanId",
"value": "insert scanId"
}
]
},
"description": "Tests whether the specified scan has a report"
},
"response": []
},
{
"name": "/Scan/GetScanErrors",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/GetScanErrors?scanid=insert scanId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"GetScanErrors"
],
"query": [
{
"key": "scanid",
"value": "insert scanId"
}
]
},
"description": "Gets scan error log"
},
"response": []
},
{
"name": "/Scan/GetScansByConfigId",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/GetScans?configId=insert configId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"GetScans"
],
"query": [
{
"key": "configId",
"value": "insert configId"
}
]
},
"description": "Retrieves the scans for the config id"
},
"response": []
},
{
"name": "/Scan/GetScansByConfigId?page=0&pageSize=10",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/GetScans?configId=insert configId&page=0&pageSize=10",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"GetScans"
],
"query": [
{
"key": "configId",
"value": "insert configId"
},
{
"key": "page",
"value": "0"
},
{
"key": "pageSize",
"value": "10"
}
]
}
},
"response": []
},
{
"name": "/Scan/GetScanStatuses",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/GetScanStatuses",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"GetScanStatuses"
]
},
"description": "Gets the status types for scans"
},
"response": []
},
{
"name": "/Scan/HasScanImported",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/HasScanImported?scanId=insert scanId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"HasScanImported"
],
"query": [
{
"key": "scanId",
"value": "insert scanId"
}
]
},
"description": "reports scan status and import flag representing whether vulnerabilities have been imported from the completed scan"
},
"response": []
},
{
"name": "/Scan/ValidateScan",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Scan/ValidateScan?scanId=ae1bab4a-250e-4207-a4da-695a1238a7c9",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Scan",
"ValidateScan"
],
"query": [
{
"key": "scanId",
"value": "ae1bab4a-250e-4207-a4da-695a1238a7c9"
}
]
}
},
"response": []
}
],
"description": "This section describes API methods for managing scan execution. Note that the user should have \"Scan Runner\" permissions to work with scans"
},
{
"name": "7-Report Management",
"item": [
{
"name": "11-Role Operations",
"item": [
{
"name": "/Role/Roles",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Role/GetRoles",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Role",
"GetRoles"
]
},
"description": "Gets role info"
},
"response": []
},
{
"name": "/Role/GetRoleByName",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Role/GetRole?roleName=insert roleName",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Role",
"GetRole"
],
"query": [
{
"key": "roleName",
"value": "insert roleName"
}
]
},
"description": "Gets role info by role name"
},
"response": []
},
{
"name": "/Role/GetRoleById",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Role/GetRole?roleId=insert roleId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Role",
"GetRole"
],
"query": [
{
"key": "roleId",
"value": "insert roleId"
}
]
},
"description": "Gets role info by role name"
},
"response": []
}
]
},
{
"name": "/Report/ImportStandardReport",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "formdata",
"formdata": [
{
"key": "scanId",
"value": "insert scan id",
"type": "text"
},
{
"key": "reportData",
"value": "",
"type": "file"
},
{
"key": "configId",
"value": "Insert config id",
"type": "text"
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Report/ImportStandardReport",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Report",
"ImportStandardReport"
]
},
"description": "Creates a new scan in the scan history or updates the report for the specified scan"
},
"response": []
},
{
"name": "/Report/ImportCheckmarxReport",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "formdata",
"formdata": [
{
"key": "scanId",
"value": "insert scan id",
"type": "text"
},
{
"key": "file",
"value": "",
"type": "file"
}
]
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Report/ImportCheckmarxReport",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Report",
"ImportCheckmarxReport"
]
},
"description": "Uploads checkmarx report"
},
"response": []
},
{
"name": "/Report/GetReportZip",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Report/GetReportZip?scanId=insert scanId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Report",
"GetReportZip"
],
"query": [
{
"key": "scanId",
"value": "insert scanId"
}
]
},
"description": "Gets ReportAllFiles.zip for the scan. Only scans in Completed and Stopped states may have a report"
},
"response": []
},
{
"name": "/Report/GetVulnerabilitiesSummaryXml",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Report/GetVulnerabilitiesSummaryXml?scanId=insert scanId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Report",
"GetVulnerabilitiesSummaryXml"
],
"query": [
{
"key": "scanId",
"value": "insert scanId"
}
]
},
"description": "Gets VulnerabilitiesSummary.xml for the scan. Only scans in the Completed and Stopped states may have a report"
},
"response": []
},
{
"name": "/Report/GetVulnerabilitiesSummaryJson",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Report/GetVulnerabilitiesSummaryJson?scanId=insert scanId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Report",
"GetVulnerabilitiesSummaryJson"
],
"query": [
{
"key": "scanId",
"value": "insert scanId"
}
]
},
"description": "Gets VulnerabilitiesSummary.json for the scan. Only scans in the Completed and Stopped states may have a report"
},
"response": []
},
{
"name": "/Report/GetCrawledLinksJson",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Report/GetCrawledLinksJson?scanId=insert scanId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Report",
"GetCrawledLinksJson"
],
"query": [
{
"key": "scanId",
"value": "insert scanId"
}
]
},
"description": "Gets CrawledLinks.xml for the scan. Only scans in Completed and Stopped states may have report.\r\n"
},
"response": []
}
],
"description": "This section describes API methods for managing report execution. Note that the user should have \"Report Manager\" permissions to work with scans"
},
{
"name": "8-Scheduled Scan Management",
"item": [
{
"name": "/ScanSchedule/ScheduleScan",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
},
{
"warning": "This is a duplicate header and will be overridden by the Content-Type header generated by Postman.",
"key": "Content-Type",
"value": "application/json",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\r\n \"configId\": \"ab7cdde5-f7e9-4417-b162-dc4633cb69b4\",\r\n \"startTime\": \"2020-09-29T20:00:00\",\r\n \"isRecurring\": true,\r\n \"Recurrence\": {\r\n \"Type\": 1,\r\n \"DuringWeekday\": 4,\r\n \"Repeat\": 1,\r\n \"DayNumber\": 29,\r\n \"WeekOfMonth\": 5,\r\n \"Month\": 9,\r\n \"OccurrenceCount\": 1,\r\n \"Range\": 0\r\n }\r\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/ScanSchedule/ScheduleScan",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"ScanSchedule",
"ScheduleScan"
]
},
"description": "Schedules a scan"
},
"response": []
},
{
"name": "/ScanSchedule/DeleteScanSchedules",
"request": {
"method": "POST",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"scheduleIds\":[\"662e7e74-9d26-4b56-95fb-56a241424ffc\"]\n}",
"options": {
"raw": {
"language": "json"
}
}
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/ScanSchedule/DeleteScanSchedules",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"ScanSchedule",
"DeleteScanSchedules"
]
},
"description": "Deletes a scheduled scan from a client"
},
"response": []
},
{
"name": "/ScanSchedule/GetScanSchedules",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/ScanSchedule/GetScanSchedules",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"ScanSchedule",
"GetScanSchedules"
]
},
"description": "Retrieves a list of scheduled scans for the client"
},
"response": []
}
],
"description": "This section describes API methods for managing scheduled scans. Note that the user should have \"Scan Runner\" permissions to work with scheduled scans"
},
{
"name": "9-Findings Management",
"item": [
{
"name": "/Finding/GetVulnerabilities",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Finding/GetVulnerabilities",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Finding",
"GetVulnerabilities"
]
},
"description": "Retrieves the list of vulnerabilities filtered by the specific parameters"
},
"response": []
},
{
"name": "/Finding/GetVulnerabilities By ScanId",
"protocolProfileBehavior": {
"disableBodyPruning": true
},
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
},
{
"key": "Content-Type",
"name": "Content-Type",
"value": "application/json",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": ""
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Finding/GetVulnerabilities?scanId=insert scanId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Finding",
"GetVulnerabilities"
],
"query": [
{
"key": "scanId",
"value": "insert scanId"
}
]
},
"description": "Retrieves the list of vulnerabilities filtered by the specific parameters"
},
"response": []
},
{
"name": "/Finding/GetVulnerabilities By ScanConfig Name",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Finding/GetVulnerabilities?scanConfigName=insert scanConfigName",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Finding",
"GetVulnerabilities"
],
"query": [
{
"key": "scanConfigName",
"value": "insert scanConfigName"
}
]
},
"description": "Retrieves the list of vulnerabilities filtered by the specific parameters"
},
"response": []
},
{
"name": "/Finding/GetVulnerabilities?page=0&pageSize=250",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
},
{
"key": "",
"value": "",
"type": "text",
"disabled": true
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Finding/GetVulnerabilities?page=0&pageSize=250",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Finding",
"GetVulnerabilities"
],
"query": [
{
"key": "page",
"value": "0"
},
{
"key": "pageSize",
"value": "250"
}
]
}
},
"response": []
},
{
"name": "/Finding/GetVulnerabilities?page=0&pageSize=By Scan Id",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Finding/GetVulnerabilities?page=0&pageSize=10&ScanId=insert scan Id",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Finding",
"GetVulnerabilities"
],
"query": [
{
"key": "page",
"value": "0"
},
{
"key": "pageSize",
"value": "10"
},
{
"key": "ScanId",
"value": "insert scan Id"
}
]
}
},
"response": []
},
{
"name": "/Finding/GetVulnerabilities?page=0&pageSize=By ScanName",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Finding/GetVulnerabilities?page=0&pageSize=10&scanConfigName=insert scanConfigName",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Finding",
"GetVulnerabilities"
],
"query": [
{
"key": "page",
"value": "0"
},
{
"key": "pageSize",
"value": "10"
},
{
"key": "scanConfigName",
"value": "insert scanConfigName"
}
]
}
},
"response": []
},
{
"name": "/Finding/GetStatuses",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"type": "text",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Finding/GetStatuses",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Finding",
"GetStatuses"
]
},
"description": "Gets the status types for vulnerabilities"
},
"response": []
},
{
"name": "/Finding/UpdateStatus",
"request": {
"method": "PUT",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
},
{
"key": "Content-Type",
"name": "Content-Type",
"value": "application/json",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"Status\": \"Verified\",\n \"Timestamp\": \"2019-05-23T12:05:00\"\n}\n"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Finding/UpdateStatus?vulnerabilityId=insert vulnerabilityId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Finding",
"UpdateStatus"
],
"query": [
{
"key": "vulnerabilityId",
"value": "insert vulnerabilityId"
}
]
},
"description": "Updates a vulnerability's status"
},
"response": []
},
{
"name": "/Finding/GetSeverities",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Finding/GetSeverities",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Finding",
"GetSeverities"
]
},
"description": "Gets the list of severity types for a vulnerability"
},
"response": []
},
{
"name": "/Finding/UpdateSeverity",
"request": {
"method": "PUT",
"header": [
{
"key": "Content-Type",
"name": "Content-Type",
"value": "application/json",
"type": "text"
},
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"Severity\": \"0-Safe\",\n \"Timestamp\": \"2019-05-24T12:05:00\"\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Finding/UpdateSeverity?vulnerabilityId=insert vulnerabilityId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Finding",
"UpdateSeverity"
],
"query": [
{
"key": "vulnerabilityId",
"value": "insert vulnerabilityId"
}
]
},
"description": "Updates a vulnerability's severity"
},
"response": []
},
{
"name": "/Finding/GetAttackName",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"type": "text",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Finding/GetAttackName?vulnerabilityId=insert vulnerabilityId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Finding",
"GetAttackName"
],
"query": [
{
"key": "vulnerabilityId",
"value": "insert vulnerabilityId"
}
]
},
"description": "Gets the attack name for a vulnerabilityId"
},
"response": []
},
{
"name": "/Finding/GetValidationResults By ScanId",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
},
{
"key": "Content-Type",
"value": "application/json",
"type": "text"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Finding/GetValidationResults?scanId=e6cf9d60-647a-46a3-86e8-3de4d3205b8a",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Finding",
"GetValidationResults"
],
"query": [
{
"key": "scanId",
"value": "e6cf9d60-647a-46a3-86e8-3de4d3205b8a"
}
]
}
},
"response": []
}
],
"description": "This section describes API methods for managing scan results. Note that the user should have \"Vulnerbalities Manager\" and \"Report Manager\" permissions to work with reports and vulnerabilities."
},
{
"name": "10-Client Operations",
"item": [
{
"name": "/Client/GetClients",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Client/GetClients",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Client",
"GetClients"
]
},
"description": "Returns a list of clients associated with the current user"
},
"response": []
},
{
"name": "/Client/GetClient By ClientName",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Client/GetClient?clientName=insert clientName",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Client",
"GetClient"
],
"query": [
{
"key": "clientName",
"value": "insert clientName"
}
]
},
"description": "Gets a client info by client name"
},
"response": []
},
{
"name": "/Client/GetClient By ClientId",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Client/GetClient?clientId=insert clientId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Client",
"GetClient"
],
"query": [
{
"key": "clientId",
"value": "insert clientId"
}
]
},
"description": "Gets a client info by client name"
},
"response": []
},
{
"name": "/Client/GetAccounts",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Client/GetAccounts?clientId=insert clientId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Client",
"GetAccounts"
],
"query": [
{
"key": "clientId",
"value": "insert clientId"
}
]
},
"description": "Gets a client info by client name"
},
"response": []
}
]
},
{
"name": "12-Group Operations",
"item": [
{
"name": "/Group/AddGroup",
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"Accounts\": [\n {\n \"UserId\": \"\",\n \"UserName\": \"\",\n \"ClientId\": \"\"\n }\n ],\n \"Roles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n },\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"GroupName\": \"\",\n \"ClientId\": \"\"\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Group/AddGroup",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Group",
"AddGroup"
]
},
"description": "Creates a group"
},
"response": []
},
{
"name": "/Group/UpdateGroup",
"request": {
"method": "PUT",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"Accounts\": [\n {\n \"UserId\": \"\",\n \"UserName\": \"\",\n \"ClientId\": \"\"\n }\n ],\n \"Roles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n },\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"GroupName\": \"\",\n \"ClientId\": \"\"\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Group/UpdateGroup?groupId=insert groupId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Group",
"UpdateGroup"
],
"query": [
{
"key": "groupId",
"value": "insert groupId"
}
]
},
"description": "Update an existing group"
},
"response": []
},
{
"name": "/Group/GetGroupById",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Group/GetGroup?groupId=insert groupId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Group",
"GetGroup"
],
"query": [
{
"key": "groupId",
"value": "insert groupId"
}
]
},
"description": "Get a group by groupId"
},
"response": []
},
{
"name": "/Group/GetGroupByName",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Group/GetGroup?groupName=insert groupName",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Group",
"GetGroup"
],
"query": [
{
"key": "groupName",
"value": "insert groupName"
}
]
},
"description": "Get a group by groupName"
},
"response": []
},
{
"name": "/Group/GetGroups",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Group/GetGroups",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Group",
"GetGroups"
]
},
"description": "Get all groups"
},
"response": []
},
{
"name": "/Group/DeleteGroups",
"request": {
"method": "DELETE",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "raw",
"raw": ""
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Group/DeleteGroup?groupId=insert groupId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Group",
"DeleteGroup"
],
"query": [
{
"key": "groupId",
"value": "insert groupId"
}
]
},
"description": "Removes a group"
},
"response": []
}
]
},
{
"name": "13-Account Operations",
"item": [
{
"name": "/Account/AddAccount",
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"Username\": \"\",\n \"Password\": \"\",\n \"FirstName\": \"\",\n \"LastName\": \"\",\n \"DefaultTimeZone\": \"UTC\",\n \"Email\": \"\",\n \"Enabled\": true,\n \"Locked\": false,\n \"External\": false,\n \"Clients\": [\n {\n \"Roles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"NotInRoles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"Groups\": [\n ],\n \"ClientInfo\": {\n \"ClientId\": \"\",\n \"ClientName\": \"\"\n }\n },\n {\n \"Roles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"NotInRoles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"Groups\": [\n ],\n \"ClientInfo\": {\n \"ClientId\": \"\",\n \"ClientName\": \"\"\n }\n }\n ]\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Account/AddAccount",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Account",
"AddAccount"
]
},
"description": "Creates an account"
},
"response": []
},
{
"name": "/Account/GetAccount",
"request": {
"method": "GET",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Account/GetAccount?accountId=insert accountId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Account",
"GetAccount"
],
"query": [
{
"key": "accountId",
"value": "insert accountId"
}
]
},
"description": "Get an account\n"
},
"response": []
},
{
"name": "/Account/UpdateAccount",
"request": {
"method": "PUT",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"Username\": \"\",\n \"Password\": \"\",\n \"FirstName\": \"\",\n \"LastName\": \"\",\n \"DefaultTimeZone\": \"UTC\",\n \"Email\": \"\",\n \"Enabled\": true,\n \"Locked\": false,\n \"External\": false,\n \"Clients\": [\n {\n \"Roles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"NotInRoles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"Groups\": [\n ],\n \"ClientInfo\": {\n \"ClientId\": \"\",\n \"ClientName\": \"\"\n }\n },\n {\n \"Roles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"NotInRoles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"Groups\": [\n ],\n \"ClientInfo\": {\n \"ClientId\": \"\",\n \"ClientName\": \"\"\n }\n }\n ]\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Account/UpdateAccount?accountId=insert accountId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Account",
"UpdateAccount"
],
"query": [
{
"key": "accountId",
"value": "insert accountId"
}
]
},
"description": "Update an existing account"
},
"response": []
},
{
"name": "/Account/DeleteAccount",
"request": {
"method": "DELETE",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "raw",
"raw": ""
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Account/DeleteAccount?accountId=insert accountId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Account",
"DeleteAccount"
],
"query": [
{
"key": "accountId",
"value": "insert accountId"
}
]
},
"description": "Removes an account"
},
"response": []
},
{
"name": "/Account/GetClients",
"request": {
"method": "GET",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Account/GetClients?accountId=insert accountId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Account",
"GetClients"
],
"query": [
{
"key": "accountId",
"value": "insert accountId"
}
]
},
"description": "Gets client associated with an account"
},
"response": []
},
{
"name": "/Account/UpdateClients",
"request": {
"method": "PUT",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"Clients\": [\n {\n \"Roles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"NotInRoles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"Groups\": [],\n \"ClientInfo\": {\n \"ClientId\": \"\",\n \"ClientName\": \"\"\n }\n }\n ]\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Account/UpdateClients?accountId=insert accountId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Account",
"UpdateClients"
],
"query": [
{
"key": "accountId",
"value": "insert accountId"
}
]
},
"description": "Updates existing client roles/groups attached to an account"
},
"response": []
},
{
"name": "/Account/AddClient",
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"Clients\": [\n {\n \"Roles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"NotInRoles\": [\n {\n \"RoleId\": \"\",\n \"RoleName\": \"\"\n }\n ],\n \"Groups\": [],\n \"ClientInfo\": {\n \"ClientId\": \"\",\n \"ClientName\": \"\"\n }\n }\n ]\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Account/AddClients?accountId=insert accountId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Account",
"AddClients"
],
"query": [
{
"key": "accountId",
"value": "insert accountId"
}
]
},
"description": "Add a new client role/groups to an account"
},
"response": []
},
{
"name": "/Account/DeleteClients",
"request": {
"method": "DELETE",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"ClientId\": \"\",\n \"ClientName\": \"\"\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Account/DeleteClients?accountId=insert accountId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Account",
"DeleteClients"
],
"query": [
{
"key": "accountId",
"value": "insert accountId"
}
]
},
"description": "Removes a client from an account"
},
"response": []
},
{
"name": "/Account/GetAccount By UserName",
"request": {
"method": "GET",
"header": [
{
"key": "Content-Type",
"value": "application/json",
"type": "text"
},
{
"key": "Authorization",
"value": "Basic {{Token}}",
"type": "text"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Account/GetAccount?userName=insert userName",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Account",
"GetAccount"
],
"query": [
{
"key": "userName",
"value": "insert userName"
}
]
},
"description": "Gets the account for that username"
},
"response": []
}
]
},
{
"name": "14-SysAdmin Operations",
"item": [
{
"name": "/SysAdmin/AddAccount",
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token-Admin}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"UserName\": \"\",\n \"Email\": \"\",\n \"Password\": \"\",\n \"FirstName\": \"\",\n \"LastName\": \"\",\n \"IsApproved\": true\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/SysAdmin/AddAccount",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"SysAdmin",
"AddAccount"
]
},
"description": "Creates a new sysadmin"
},
"response": []
},
{
"name": "/SysAdmin/AddExistingAccount",
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token-Admin}}"
}
],
"body": {
"mode": "raw",
"raw": ""
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/SysAdmin/AddExistingAccount?userId=insert userId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"SysAdmin",
"AddExistingAccount"
],
"query": [
{
"key": "userId",
"value": "insert userId"
}
]
},
"description": "Migrates an existing user to sysadmin"
},
"response": []
},
{
"name": "/SysAdmin/DeleteAccount",
"request": {
"method": "DELETE",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token-Admin}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"UserName\": \"\",\n \"Email\": \"\",\n \"Password\": \"\",\n \"FirstName\": \"\",\n \"LastName\": \"\",\n \"IsApproved\": true\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/SysAdmin/DeleteAccount?userId=insert userId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"SysAdmin",
"DeleteAccount"
],
"query": [
{
"key": "userId",
"value": "insert userId"
}
]
},
"description": "Removes a sysadmin"
},
"response": []
},
{
"name": "/SysAdmin/GetAccount",
"request": {
"method": "GET",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token-Admin}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/SysAdmin/GetAccount?userId=insert userId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"SysAdmin",
"GetAccount"
],
"query": [
{
"key": "userId",
"value": "insert userId"
}
]
},
"description": "Gets a sysadmin account by accountId"
},
"response": []
},
{
"name": "/SysAdmin/UpdateAccount",
"request": {
"method": "PUT",
"header": [
{
"key": "Content-Type",
"value": "application/json"
},
{
"key": "Authorization",
"value": "Basic {{Token-Admin}}"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"UserName\": \"\",\n \"Email\": \"\",\n \"Password\": \"\",\n sd \"FirstName\": \"\",\n \"LastName\": \"\",\n \"IsApproved\": true\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/SysAdmin/UpdateAccount?userId=insert userId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"SysAdmin",
"UpdateAccount"
],
"query": [
{
"key": "userId",
"value": "insert userId"
}
]
},
"description": "Updates an existing sysadmin account"
},
"response": []
}
]
},
{
"name": "15-Target Operations",
"item": [
{
"name": "/Target/GetClientTargets",
"request": {
"method": "GET",
"header": [
{
"key": "Authorization",
"type": "text",
"value": "Basic {{Token}}"
}
],
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Target/GetClientTargets?clientId=insert clientId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Target",
"GetClientTargets"
],
"query": [
{
"key": "clientId",
"value": "insert clientId"
}
]
},
"description": "Get all targets"
},
"response": []
},
{
"name": "/Target/RemoveUserGroup",
"request": {
"method": "DELETE",
"header": [
{
"key": "Authorization",
"type": "text",
"value": "Basic {{Token}}"
},
{
"key": "Content-Type",
"name": "Content-Type",
"value": "application/json",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"GroupId\": \"\"\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Target/RemoveUserGroup?targetId=insert targetId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Target",
"RemoveUserGroup"
],
"query": [
{
"key": "targetId",
"value": "insert targetId"
},
{
"key": "",
"value": "",
"disabled": true
}
]
},
"description": "Removes the usergroup from the target"
},
"response": []
},
{
"name": "/Target/ClientApproval",
"request": {
"method": "PUT",
"header": [
{
"key": "Authorization",
"value": "Basic {{Token-Admin}}",
"type": "text"
},
{
"key": "Content-Type",
"name": "Content-Type",
"value": "application/json",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"ClientId\": \"9e41eefa-18d0-41d7-b786-653b40a06f8d\",\n \"Status\": \"Approved\"\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Target/ClientApproval?targetId=insert targetId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Target",
"ClientApproval"
],
"query": [
{
"key": "targetId",
"value": "insert targetId"
},
{
"key": "",
"value": "",
"disabled": true
}
]
},
"description": "Approves Targets but only as system admin"
},
"response": []
},
{
"name": "/Target/AssignToUserGroup",
"request": {
"method": "PUT",
"header": [
{
"key": "Authorization",
"type": "text",
"value": "Basic {{Token}}"
},
{
"key": "Content-Type",
"name": "Content-Type",
"type": "text",
"value": "application/json"
}
],
"body": {
"mode": "raw",
"raw": "{\n \"GroupId\": \"313e3b45-a95a-4480-96e3-fdfa26fdf006\"\n}"
},
"url": {
"raw": "{{Protocol}}://{{Server}}/{{Endpoint}}/rest/v1/Target/AssignToUserGroup?targetId=insert targetId",
"protocol": "{{Protocol}}",
"host": [
"{{Server}}"
],
"path": [
"{{Endpoint}}",
"rest",
"v1",
"Target",
"AssignToUserGroup"
],
"query": [
{
"key": "targetId",
"value": "insert targetId"
},
{
"key": "",
"value": "",
"disabled": true
}
]
},
"description": "Assigns a user group to a target"
},
"response": []
}
]
}
]
}