This method can be used for the following functionality: Create a new Project in AttackForge
Parameters
The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.
Headers
POST /api/ss/project HTTP/1.1
Host: demo.attackforge.com
X-SSAPI-KEY: APIKey
Content-Type: application/json
Connection: close
Query
name (string)
Name of the project.
Example:
{
"name": "..."
}
code (string)
Project code.
Example:
{
"code": "..."
}
groups (array of strings) (optional)
Groups to link to the project. Must match group IDs.
Example:
{
"groups": ["64f7909963cc54000ed4ecfc"]
}
startDate (string)
Project start date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.
Example:
{
"startDate": "2021-06-03T00:00:00.000Z"
}
endDate (string)
Project end date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.
Example:
{
"endDate": "2021-06-03T00:00:00.000Z"
}
scoringSystem (string) (optional)
Scoring system to be used on the project. Must be either Manual or CVSSv3.1.
Example:
{
"scoringSystem": "CVSSv3.1"
}
scope (array of strings)
Project scope / assets to be tested. Include name of asset or the asset Id if using the assets module.
Individual or Grouped emails to be sent for new vulnerabilities. Must include one of the following: individual, group. If not specified, default option is individual
Example:
{
"new_vulnerability_email_type": "group"
}
new_vulnerability_email (string) (optional)
Email body for new vulnerability discovered notifications.
Example:
{
"new_vulnerability_email": "..."
}
new_vulnerability_email_additional_recipients (array of strings) (optional)
Additional email recipients for new vulnerability discovered notifications. Must be a list of email addresses.
Force emails to project team. Must include one or more of the following: all_emails, daily_start_stop_testing, new_critical_vulnerability, new_high_vulnerability, new_medium_vulnerability, new_low_vulnerability, new_info_vulnerability, vulnerability_ready_for_retesting, vulnerability_reopened, vulnerability_closed, project_role_updated, project_hold, retest_completed
Example:
{
"forced_emails": ["..."]
}
sla_activation (string) (optional)
Apply vulnerability SLAs automatically or manually. Must be either "automatic" or "manual". Automatic is default.
Example:
{
"sla_activation": "..."
}
custom_fields (array of objects) (optional)
Custom fields. Must include a key and value. Key must be unique and letters, number and underscores only.
Configure features on the project. Roles must be either client, consultant or librarymod. Minimum Project Access Level must be either View, Upload or Edit.
