AttackForge
Search
K

UpdateProjectById

This method can be used for the following functionality: Update a project by it's Id.

Parameters

The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory.

Headers

PUT /api/ss/project/:id HTTP/1.1
Host: demo.attackforge.com
X-SSAPI-KEY: APIKey
Content-Type: application/json
Connection: close

Query

id (string)
Project Id.
Example:
PUT /api/ss/project/5eab99471e18050942c7607a HTTP/1.1
created (string) (optional)
Overwrite the created timestamp for the project. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.
Example:
{
"created": "2021-06-03T23:15:33.008Z"
}
name (string) (optional)
Name of the project.
Example:
{
"name": "..."
}
code (string) (optional)
Project code.
Example:
{
"code": "..."
}
groups (array of strings) (optional)
Groups to link to the project. Must match group IDs.
Example:
{
"groups": ["64f7909963cc54000ed4ecfc"]
}
startDate (string) (optional)
Project start date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.
Example:
{
"startDate": "2021-06-03T00:00:00.000Z"
}
endDate (string) (optional)
Project end date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z.
Example:
{
"endDate": "2021-06-03T00:00:00.000Z"
}
scoringSystem (string) (optional)
Scoring system to be used on the project. Must be either Manual or CVSSv3.1.
Example:
{
"scoringSystem": "CVSSv3.1"
}
isOnHold (string) (optional)
Whether project is currently On-Hold. Must be either Yes or No.
Example:
{
"isOnHold": "Yes"
}
isOnHoldReason (string) (optional)
If project is On-Hold, or is now Off-Hold - include a reason. This will be sent in email to project team informing status change.
Example:
{
"isOnHoldReason": "The environment is currently experiencing issues and is not working."
}
organization_code (string) (optional)
Project organization code.
Example:
{
"organization_code": "..."
}
vulnerability_code (string) (optional)
Vulnerability code for user friendly vulnerability ids. Must be unique per project, 3-8 characters in length.
Example:
{
"vulnerability_code": "..."
}
team_notifications (array of strings) (optional)
Project team notifications. Must include one or more of the following: critical, high, medium, low, info, retest, reopened, closed
Example:
{
"team_notifications": ["..."]
}
admin_notifications (array of strings) (optional)
Admin notifications. Must include one or more of the following: retest, reopened, closed
Example:
{
"admin_notifications": ["..."]
}
start_stop_testing_email (string) (optional)
Email body for daily start & stop testing notifications.
Example:
{
"start_stop_testing_email": "..."
}
start_stop_testing_email_additional_recipients (array of strings) (optional)
Additional email recipients for daily start & stop testing notifications. Must be a list of email addresses.
Example:
{
"start_stop_testing_email_additional_recipients": ["..."]
}
new_vulnerability_email_type (string) (optional)
Individual or Grouped emails to be sent for new vulnerabilities. Must include one of the following: individual, group. If not specified, default option is individual
Example:
{
"new_vulnerability_email_type": "group"
}
new_vulnerability_email (string) (optional)
Email body for new vulnerability discovered notifications.
Example:
{
"new_vulnerability_email": "..."
}
new_vulnerability_email_additional_recipients (array of strings) (optional)
Additional email recipients for new vulnerability discovered notifications. Must be a list of email addresses.
Example:
{
"new_vulnerability_email_additional_recipients": ["..."]
}
forced_emails (array of strings) (optional)
Force emails to project team. Must include one or more of the following: all_emails, daily_start_stop_testing, new_critical_vulnerability, new_high_vulnerability, new_medium_vulnerability, new_low_vulnerability, new_info_vulnerability, vulnerability_ready_for_retesting, vulnerability_reopened, vulnerability_closed, project_role_updated, project_hold, retest_completed
Example:
{
"forced_emails": ["..."]
}
sla_activation (string) (optional)
Apply vulnerability SLAs automatically or manually. Must be either "automatic" or "manual". Automatic is default.
Example:
{
"sla_activation": "..."
}
executive_summary (string) (optional)
Executive summary for the reports.
Example:
{
"executive_summary": "..."
}
custom_fields (array of objects) (optional)
Custom fields. Must include a key and value. Key must be unique and letters, numbers and underscores only.
Example:
{
"custom_fields": [{"key": "...", "value": "..."}]
}
portfolio_streams (array of objects) (optional)
Enter a list of Portfolio & Stream Ids to link this project to. Stream must be part of the Portfolio.
Example:
{
"portfolio_streams": [
{
"portfolioId": "...",
"streamId": "..."
}
]
}

Example

The following example is a cURL request to update a project by its identifier (Id).

Request

Include API Token instead of stars in 'X-SSAPI-KEY: ***************************************' parameter.
curl -X PUT 'https://demo.attackforge.com/api/ss/project/5e6881d12fdbcd0a5af71e8c' -H 'Host: demo.attackforge.com' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close' -d '{
"name": "ACME Digital Web App Pentest",
"code": "DEMO9999",
"groups": ["64f7909963cc54000ed4ecfc"],
"startDate": "2021-06-03T00:00:00.000Z",
"endDate": "2021-06-04T00:00:00.000Z",
"scoringSystem": "CVSSv3.1",
"isOnHold": "Yes",
"isOnHoldReason": "The environment is currently experiencing issues and is not working.",
"organization_code": "GLOBEX123",
"vulnerability_code": "VULN123",
"team_notifications": ["critical", "high"],
"admin_notifications": ["retest", "reopened"],
"start_stop_testing_email": "Hi {firstName},..",
"start_stop_testing_email_additional_recipients": ["[email protected]", "[email protected]"],
"new_vulnerability_email_type": "individual",
"new_vulnerability_email": "Hi {firstName},..",
"new_vulnerability_email_additional_recipients": ["[email protected]"],
"forced_emails": ["new_critical_vulnerability", "new_high_vulnerability"],
"sla_activation": "automatic",
"executive_summary": "Lorem ipsum...",
"custom_fields": [{"key": "customer_name", "value": "WAYNE TECHNOLOGIES."}]
}'

Response

Response contains a project object.
{
"project": {
"id": "...",
"name": "...",
"code": "...",
"organization_code": "...",
"vulnerability_code": "..."
"groups": [
{
"id": "...",
"name": "..."
}
],
"isOnHold": "...",
"startDate": "...",
"endDate": "...",
"scoring_system": "...",
"team_notifications": [
"..."
],
"admin_notifications": [
"..."
],
"start_stop_testing_email": "...",
"start_stop_testing_email_additional_recipients": [
"..."
],
"new_vulnerability_email_type": "...",
"new_vulnerability_email": "...",
"new_vulnerability_email_additional_recipients": [
"..."
],
"forced_emails": [
"..."
],
"sla_activation": "...",
"executive_summary": "...",
"created": "...",
"last_updated": "...",
"custom_fields": [
{
"key": "...",
"value": "...",
"type": "Tag/Field"
}
],
"streams": [
{
"id": "...",
"name": "...",
"stream_portfolios": [
{
"id": "...",
"name": "...",
}
]
}
]
}
}