CreateProjectRequest

This method can be used for the following functionality: Create a new Request for Project in AttackForge

Parameters

The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.

Headers

POST /api/ss/request HTTP/1.1
Host: demo.attackforge.com
X-SSAPI-KEY: APIKey
Content-Type: application/json
Connection: close

Query

name (string)

Name of the project.

Example:

{
   "name": "..."
}

code (string)

Project code.

Example:

{
   "code": "..."
}

groups (array of strings) (optional)

Groups to link to the project. Must match exact group names.

Example:

{
   "groups": ["...", "...", "..."]
}

scope (array of strings)

Project scope / assets to be tested.

Example:

{
   "scope": ["...", "...", "..."]
}

testsuites (array of strings)

Testsuites to assign to the project. Must match exact testsuite names.

Example:

{
   "testsuites": ["...", "...", "..."]
}

startDate (string)

Desired project start date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.

Example:

{
   "startDate": "2021-06-03T00:00:00.000Z"
}

endDate (string)

Desired project end date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.

Example:

{
   "endDate": "2021-06-03T00:00:00.000Z"
}

test_window (array of strings)

Test window for the project. Must be one or more of the following: Weekdays-BusinessHours, Weekdays-NonBusinessHours, Weekends

Example:

{
   "test_window": ["Weekdays-BusinessHours", "Weekends"]
}

onsite_testing (string)

Whether onsite testing is required or not. Must be one or more of the following: Yes, No

Example:

{
   "onsite_testing": "Yes"
}

reason_for_testing (string) (optional)

Reason or justification for testing.

Example:

{   
    "reason_for_testing": "..."
}

organization_code (string) (optional)

Organization code.

Example:

{   
    "organization_code": "..."
}

custom_fields (array of objects) (optional)

Custom fields. Must include a key and value. Key must be unique and letters, number and underscores only.

For more information visit https://support.attackforge.com/attackforge-enterprise/getting-started/custom-fields-and-forms#using-custom-fields-with-apis

Example:

{   
    "custom_fields": [{"key": "...", "value": "..."}]
}

Example

The following example is a cURL request to create a new project request.

Request

Include API Token instead of stars in 'X-SSAPI-KEY: ***************************************' parameter.

curl -X POST 'https://demo.attackforge.com/api/ss/request' -H 'Host: demo.attackforge.com' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close' -d '{
  "name": "ACME Corp Web App Pentest",
  "code": "DEMO9999",
  "groups": ["ACME Corp Digital Team", "Pentest Team"],
  "scope": ["test.com", "192.168.0.1"],
  "testsuites": ["ASVS Level 2 Web Application", "OSSTMM v3.0 Infrastructure"],
  "startDate": "2021-06-03T00:00:00.000Z",
  "endDate": "2021-06-04T00:00:00.000Z",
  "test_window": ["Weekdays-BusinessHours", "Weekends"],
  "onsite_testing": "Yes",
  "reason_for_testing": "Application is about to go-live.",
  "custom_fields": [{"key": "customer_name", "value": "WAYNE TECHNOLOGIES."}]
}'

Response

Response contains a project request object.

{
  "request": {
    "id": "...",
    "created": "...",
    "last_updated": "...",
    "name": "...",
    "code": "...",
    "groups": [
      "..."
    ],
    "scope": [
      "..."
    ],
    "testsuites": [
      "..."
    ],
    "startDate": "...",
    "endDate": "...",
    "test_window": [
      "..."
    ],
    "onsite_testing": "...",
    "reason_for_testing": "...",
    "custom_fields": [
      {
        "key": "...", 
        "value": "..."
      }
    ]
  }
}
PreviousCreateProjectNoteNextCreateProjectTestCase

Last updated

Check YouTube for more tutorials: https://youtube.com/@attackforge