CreateProject
This method can be used for the following functionality: Create a new Project in AttackForge
Parameters
The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.
Headers
Query
name (string)
Name of the project.
Example:
code (string)
Project code.
Example:
groups (array of strings) (optional)
Groups to link to the project. Must match group IDs.
Example:
startDate (string)
Project start date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.
Example:
endDate (string)
Project end date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.
Example:
scoringSystem (string) (optional)
Scoring system to be used on the project. Must be either Manual or CVSSv3.1.
Example:
scope (array of strings)
Project scope / assets to be tested. Include name of asset or the asset Id if using the assets module.
Example:
asset_library_ids (array of strings) (optional)
Asset libraries to map scope against.
Example:
testsuites (array of strings)
Testsuites to assign to the project. Must match exact testsuite names.
Example:
organization_code (string) (optional)
Project organization code.
Example:
vulnerability_code (string) (optional)
Vulnerability code for user friendly vulnerability ids. Must be unique per project, 3-8 characters in length.
Example:
team_notifications (array of strings) (optional)
Project team notifications. Must include one or more of the following: critical, high, medium, low, info, retest, reopened, closed
Example:
admin_notifications (array of strings) (optional)
Admin notifications. Must include one or more of the following: retest, reopened, closed
Example:
start_stop_testing_email (string) (optional)
Email body for daily start & stop testing notifications.
Example:
start_stop_testing_email_additional_recipients (array of strings) (optional)
Additional email recipients for daily start & stop testing notifications. Must be a list of email addresses.
Example:
new_vulnerability_email_type (string) (optional)
Individual or Grouped emails to be sent for new vulnerabilities. Must include one of the following: individual, group. If not specified, default option is individual
Example:
new_vulnerability_email (string) (optional)
Email body for new vulnerability discovered notifications.
Example:
new_vulnerability_email_additional_recipients (array of strings) (optional)
Additional email recipients for new vulnerability discovered notifications. Must be a list of email addresses.
Example:
forced_emails (array of strings) (optional)
Force emails to project team. Must include one or more of the following: all_emails, daily_start_stop_testing, new_critical_vulnerability, new_high_vulnerability, new_medium_vulnerability, new_low_vulnerability, new_info_vulnerability, vulnerability_ready_for_retesting, vulnerability_reopened, vulnerability_closed, project_role_updated, project_hold, retest_completed
Example:
sla_activation (string) (optional)
Apply vulnerability SLAs automatically or manually. Must be either "automatic" or "manual". Automatic is default.
Example:
custom_fields (array of objects) (optional)
Custom fields. Must include a key and value. Key must be unique and letters, number and underscores only.
For more information visit https://support.attackforge.com/attackforge-enterprise/getting-started/custom-fields-and-forms#using-custom-fields-with-apis
Example:
portfolio_streams (array of objects) (optional)
Enter a list of Portfolio & Stream Ids to link this project to. Stream must be part of the Portfolio.
Example:
Example
The following example is a cURL request to create a new project.
Request
Include API Token instead of stars in 'X-SSAPI-KEY: ***************************************' parameter.
Response
Response contains a project object.
Last updated