AttackForge
AttackForge.comAttackForge EnterpriseSelf-Service APIFAQ
Search…
AttackForge Support
Release Notes
AttackForge.com
Getting Started
Modules
Upgrade to Pro
Security
Privacy
AttackForge Enterprise & AttackForge Core
Getting Started
Modules
Dashboard
Analytics
Portfolios
Projects
Retesting
Schedule
Reporting
Search
Assets
Vulnerability Library
Test Suite Builder
Groups
Users
Notifications
Self-Service RESTful API
GETTING STARTED
EXPORTING TO CSV
ActivateUser
AddTestcaseToTestsuite
AddUserToGroup
ApproveProjectRequestById
ConfirmRetestCompleted
CreateAssetInLibrary
CreateGroup
CreateProject
CreateProjectNote
CreateProjectRequest
CreateProjectWorkspaceNote
CreateRemediationNote
CreateScope
CreateTestcaseNote
CreateTestsuite
CreateUser
CreateVulnerability
CreateVulnerabilityBulk
CreateVulnerabilityLibraryIssue
CreateVulnerabilityWithLibrary
DeactivateUser
DownloadVulnerabilityEvidence
GetApplicationAuditLogs
GetAssets
GetAssetsByGroup
GetAssetInLibrary
GetAssetsInLibrary
GetGroup
GetGroups
GetMostCommonVulnerabilities
GetMostFailedTestcases
GetMostVulnerableAssets
GetProjectAuditLogs
GetProjectById
GetProjects
GetProjectsByGroup
GetProjectNotes
GetProjectRequests
GetProjectRequestById
GetProjectTestcasesById
GetProjectVulnerabilitiesById
GetProjectWorkspace
GetTestsuiteById
GetTestsuites
GetUserById
GetUserAuditLogs
GetUserGroups
GetUserLoginHistory
GetUserProjects
GetUsers
GetVulnerabilityById
GetVulnerabilities
GetVulnerabilitiesByAssetName
GetVulnerabilitiesByGroup
GetVulnerabilityLibraryIssues
InviteUserToProject
RejectProjectRequestById
RequestRetest
SendDailyCommencementEmail
SendDailyCompletionEmail
UpdateAssetInLibrary
UpdateExecSummaryNotes
UpdateGroup
UpdateProjectById
UpdateProjectNote
UpdateProjectRequestById
UpdateProjectWorkspaceNote
UpdateScope
UpdateTestcase
UpdateTestcaseOnTestsuite
UpdateTestsuite
UpdateUserAccessOnGroup
UpdateUserAccessOnProject
UpdateVulnerabilityById
UpdateVulnerabilityLibraryIssue
UpdateVulnerabilityWithLibrary
UploadVulnerabilityEvidence
Self-Service Events API
Administration
Themes
Access Control Matrix
Configuration Options
Raising Support Tickets
Built For Enterprise
Security
FAQs
Careers @ AttackForge
Contact
Powered By GitBook
GETTING STARTED

Overview

This page will help you to get started with using the Self-Service RESTful API.

Authentication

Access to the Self-Service RESTful API is controlled using an Authorization token / API key. If you do not already have an existing Self-Service RESTful API key, you can generate one within the application.
In order to access the Self-Service RESTful API, you must meet the following conditions:
    You must have a valid Self-Service API key;
    You must be provided with access to RESTful API methods by the Administrators; and
    Your API Key is supplied in the Header X-SSAPI-KEY for each request to the API endpoint
Your key is static and does not expire. You can request a new key at any time within the application.
All requests to the API must be made over HTTPS. Calls made over plain HTTP will fail. You must authenticate all requests.

Accessing the RESTful API

Access to the RESTful API, including scope of data available, is restricted to the users' data within the application. This means that an Administrators' API key cannot access all data in the system,
By default, every user in the system does not have access to any of the RESTful API methods. Access to the RESTful API must be provided explicitly by an Administrator, and in controlled on an individual method basis.
A user can see their access to the RESTful SSAPI by viewing the My API section within the SSAPI module in the application.
An Administrator can provide access to the RESTful SSAPI for a user by accessing the Users module.
Previous
Self-Service RESTful API
Next
EXPORTING TO CSV
Last modified 2mo ago
Copy link
Contents
Overview
Authentication
Accessing the RESTful API