Comment on page
CreateProjectRequest
This method can be used for the following functionality: Create a new Request for Project in AttackForge
The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.
POST /api/ss/request HTTP/1.1
Host: demo.attackforge.com
X-SSAPI-KEY: APIKey
Content-Type: application/json
Connection: close
name (string)
Name of the project.
Example:
{
"name": "..."
}
code (string)
Project code.
Example:
{
"code": "..."
}
groups (array of strings) (optional)
Groups to link to the project. Must match exact group names.
Example:
{
"groups": ["...", "...", "..."]
}
scope (array of strings)
Project scope / assets to be tested.
Example:
{
"scope": ["...", "...", "..."]
}
testsuites (array of strings)
Testsuites to assign to the project. Must match exact testsuite names.
Example:
{
"testsuites": ["...", "...", "..."]
}
startDate (string)
Desired project start date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.
Example:
{
"startDate": "2021-06-03T00:00:00.000Z"
}
endDate (string)
Desired project end date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.
Example:
{
"endDate": "2021-06-03T00:00:00.000Z"
}
test_window (array of strings)
Test window for the project. Must be one or more of the following: Weekdays-BusinessHours, Weekdays-NonBusinessHours, Weekends
Example:
{
"test_window": ["Weekdays-BusinessHours", "Weekends"]
}
onsite_testing (string)
Whether onsite testing is required or not. Must be one or more of the following: Yes, No
Example:
{
"onsite_testing": "Yes"
}
reason_for_testing (string) (optional)
Reason or justification for testing.
Example:
{
"reason_for_testing": "..."
}
organization_code (string) (optional)
Organization code.
Example:
{
"organization_code": "..."
}
custom_fields (array of objects) (optional)
Custom fields. Must include a key and value. Key must be unique and letters, number and underscores only.
Example:
{
"custom_fields": [{"key": "...", "value": "..."}]
}
The following example is a cURL request to create a new project request.
Include API Token instead of stars in 'X-SSAPI-KEY: ***************************************' parameter.
curl -X POST 'https://demo.attackforge.com/api/ss/request' -H 'Host: demo.attackforge.com' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close' -d '{
"name": "ACME Corp Web App Pentest",
"code": "DEMO9999",
"groups": ["ACME Corp Digital Team", "Pentest Team"],
"scope": ["test.com", "192.168.0.1"],
"testsuites": ["ASVS Level 2 Web Application", "OSSTMM v3.0 Infrastructure"],
"startDate": "2021-06-03T00:00:00.000Z",
"endDate": "2021-06-04T00:00:00.000Z",
"test_window": ["Weekdays-BusinessHours", "Weekends"],
"onsite_testing": "Yes",
"reason_for_testing": "Application is about to go-live.",
"custom_fields": [{"key": "customer_name", "value": "WAYNE TECHNOLOGIES."}]
}'
Response contains a project request object.
{
"request": {
"id": "...",
"created": "...",
"last_updated": "...",
"name": "...",
"code": "...",
"groups": [
"..."
],
"scope": [
"..."
],
"testsuites": [
"..."
],
"startDate": "...",
"endDate": "...",
"test_window": [
"..."
],
"onsite_testing": "...",
"reason_for_testing": "...",
"custom_fields": [
{
"key": "...",
"value": "..."
}
]
}
}
Last modified 8mo ago