# CreatePortfolio

## Parameters

The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.

### Headers

```
POST /api/ss/portfolio HTTP/1.1
Host: demo.attackforge.com
X-SSAPI-KEY: APIKey
Content-Type: application/json
Connection: close
```

### Body

**name&#x20;*****(string)***

Name of the portfolio.

Example:

```
{
   "name": "..."
}
```

**code&#x20;*****(string) (optional)***

Portfolio code.

Example:

```
{
   "code": "..."
}
```

**description&#x20;*****(string) (optional)***

Portfolio description.

Example:

```
{
   "description": "..."
}
```

**level\_1\_owner&#x20;*****(string) (optional)***

Portfolio level 1 owner.

Example:

```
{
   "level_1_owner": "..."
}
```

**level\_2\_owner&#x20;*****(string) (optional)***

Portfolio level 2 owner.

Example:

```
{
   "level_2_owner": "..."
}
```

**level\_3\_owner&#x20;*****(string) (optional)***

Portfolio level 3 owner.

Example:

```
{
   "level_3_owner": "..."
}
```

**users\_with\_view\_access&#x20;*****(array of strings) (optional)***

Users Ids for users who will have View access to this Portfolio.

Example:

```
{
   "users_with_view_access": [
      "..."
   ]
}
```

**groups\_with\_view\_access&#x20;*****(array of strings) (optional)***

Group Ids for users who will have View access to this Portfolio.

Example:

```
{
   "groups_with_view_access": [
      "..."
   ]
}
```

**users\_with\_link\_access&#x20;*****(array of strings) (optional)***

Users Ids for users who will have Link access to this Portfolio.

Example:

```
{
   "users_with_link_access": [
      "..."
   ]
}
```

**groups\_with\_link\_access&#x20;*****(array of strings) (optional)***

Group Ids for users who will have Link access to this Portfolio.

Example:

```
{
   "groups_with_link_access": [
      "..."
   ]
}
```

**streams&#x20;*****(array of objects) (optional)***

Create Streams on the Portfolio.

* name - Stream name
* projects - Project Ids to link to the Stream ***(optional)***
* users\_with\_view\_access - Users Ids for users who will have View access to this Portfolio. ***(optional)***
* users\_with\_link\_access - Users Ids for users who will have Link access to this Portfolio. ***(optional)***
* groups\_with\_view\_access - Group Ids for groups who will have View access to this Portfolio. ***(optional)***
* groups\_with\_link\_access - Group Ids for groups who will have Link access to this Portfolio. ***(optional)***
* sort\_order - sort order for the Streams ***(optional)***

Example:

```
{
   "name": "...",
   "projects": [
      "..."
   ],
   "users_with_view_access": [
      "..."
   ],
   "users_with_link_access": [
      "..."
   ],
   "groups_with_view_access": [
      "..."
   ],
   "groups_with_link_access": [
      "..."
   ],
   "sort_order": 1
}
```

**tags&#x20;*****(array of strings) (optional)***

Portfolio tags.

Example:

```
{
   "tags": [
      "..."
   ]
}
```

**custom\_fields (*****array of objects*****) (*****optional*****)**

Custom fields. Must include a key and value. Key must be unique and letters, number and underscores only.

For more information visit <https://support.attackforge.com/attackforge-enterprise/getting-started/custom-fields-and-forms#using-custom-fields-with-apis>

Example:

```
{   
    "custom_fields": [
        {
            "key": "...",
            "value": "..."
        }
    ]
}
```

## Example

The following example is a cURL request to create a new portfolio.

### Request

Include API Token instead of stars in 'X-SSAPI-KEY: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*' parameter.

```
curl -X POST 'https://localhost:3000/api/ss/portfolio' -H 'Host: localhost:3000' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close' -d '{
  "name": "ACME Corp.",
  "code": "ACME2024",
  "description": "All 2024 testing for ACME Corp.",
  "streams": [
    {
      "name": "Web App"
    },
    {
      "name": "Infrastructure"
    }
  ]
}'
```

### Response

Response contains a portfolio object.

```
{
  "portfolio": {
    "id": "..."
  }
}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/createportfolio.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.