CreatePortfolio

This method can be used for the following functionality: Create a new Portfolio

Parameters

The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.

Headers

POST /api/ss/portfolio HTTP/1.1
Host: demo.attackforge.com
X-SSAPI-KEY: APIKey
Content-Type: application/json
Connection: close

Body

name (string)

Name of the portfolio.

Example:

{
   "name": "..."
}

code (string) (optional)

Portfolio code.

Example:

{
   "code": "..."
}

description (string) (optional)

Portfolio description.

Example:

{
   "description": "..."
}

level_1_owner (string) (optional)

Portfolio level 1 owner.

Example:

{
   "level_1_owner": "..."
}

level_2_owner (string) (optional)

Portfolio level 2 owner.

Example:

{
   "level_2_owner": "..."
}

level_3_owner (string) (optional)

Portfolio level 3 owner.

Example:

{
   "level_3_owner": "..."
}

users_with_view_access (array of strings) (optional)

Users Ids for users who will have View access to this Portfolio.

Example:

{
   "users_with_view_access": [
      "..."
   ]
}

groups_with_view_access (array of strings) (optional)

Group Ids for users who will have View access to this Portfolio.

Example:

{
   "groups_with_view_access": [
      "..."
   ]
}

users_with_link_access (array of strings) (optional)

Users Ids for users who will have Link access to this Portfolio.

Example:

{
   "users_with_link_access": [
      "..."
   ]
}

groups_with_link_access (array of strings) (optional)

Group Ids for users who will have Link access to this Portfolio.

Example:

{
   "groups_with_link_access": [
      "..."
   ]
}

streams (array of objects) (optional)

Create Streams on the Portfolio.

  • name - Stream name

  • projects - Project Ids to link to the Stream (optional)

  • users_with_view_access - Users Ids for users who will have View access to this Portfolio. (optional)

  • users_with_link_access - Users Ids for users who will have Link access to this Portfolio. (optional)

  • groups_with_view_access - Group Ids for groups who will have View access to this Portfolio. (optional)

  • groups_with_link_access - Group Ids for groups who will have Link access to this Portfolio. (optional)

  • sort_order - sort order for the Streams (optional)

Example:

{
   "name": "...",
   "projects": [
      "..."
   ],
   "users_with_view_access": [
      "..."
   ],
   "users_with_link_access": [
      "..."
   ],
   "groups_with_view_access": [
      "..."
   ],
   "groups_with_link_access": [
      "..."
   ],
   "sort_order": 1
}

tags (array of strings) (optional)

Portfolio tags.

Example:

{
   "tags": [
      "..."
   ]
}

custom_fields (array of objects) (optional)

Custom fields. Must include a key and value. Key must be unique and letters, number and underscores only.

For more information visit https://support.attackforge.com/attackforge-enterprise/getting-started/custom-fields-and-forms#using-custom-fields-with-apis

Example:

{   
    "custom_fields": [
        {
            "key": "...",
            "value": "..."
        }
    ]
}

Example

The following example is a cURL request to create a new portfolio.

Request

Include API Token instead of stars in 'X-SSAPI-KEY: ***************************************' parameter.

curl -X POST 'https://localhost:3000/api/ss/portfolio' -H 'Host: localhost:3000' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close' -d '{
  "name": "ACME Corp.",
  "code": "ACME2024",
  "description": "All 2024 testing for ACME Corp.",
  "streams": [
    {
      "name": "Web App"
    },
    {
      "name": "Infrastructure"
    }
  ]
}'

Response

Response contains a portfolio object.

{
  "portfolio": {
    "id": "..."
  }
}
PreviousCreateGroupNextCreateProject

Last updated

Check YouTube for more tutorials: https://youtube.com/@attackforge