# UpdateProjectById ## Parameters The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory. ### Headers ``` PUT /api/ss/project/:id HTTP/1.1 Host: demo.attackforge.com X-SSAPI-KEY: APIKey Content-Type: application/json Connection: close ``` ### Query **id (string)** Project Id. Example: ``` PUT /api/ss/project/5eab99471e18050942c7607a HTTP/1.1 ``` **created (string) (optional)** Overwrite the created timestamp for the project. Must be UTC string e.g. 2021-06-03T23:15:33.008Z. Example: ``` { "created": "2021-06-03T23:15:33.008Z" } ``` **name (string) (optional)** Name of the project. Example: ``` { "name": "..." } ``` **code (string) (optional)** Project code. Example: ``` { "code": "..." } ``` **groups (array of strings) (optional)** Groups to link to the project. Must match group IDs. Example: ``` { "groups": ["64f7909963cc54000ed4ecfc"] } ``` **startDate (string) (optional)** Project start date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z. Example: ``` { "startDate": "2021-06-03T00:00:00.000Z" } ``` **endDate (string) (optional)** Project end date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z. Example: ``` { "endDate": "2021-06-03T00:00:00.000Z" } ``` **scoringSystem (string) (optional)** Scoring system to be used on the project. Must be either Manual or CVSSv3.1. Example: ``` { "scoringSystem": "CVSSv3.1" } ``` **isOnHold (string) (optional)** Whether project is currently On-Hold. Must be either Yes or No. Example: ``` { "isOnHold": "Yes" } ``` **isOnHoldReason (string) (optional)** If project is On-Hold, or is now Off-Hold - include a reason. This will be sent in email to project team informing status change. Example: ``` { "isOnHoldReason": "The environment is currently experiencing issues and is not working." } ``` **organization\_code (*****string*****) (*****optional*****)** Project organization code. Example: ``` { "organization_code": "..." } ``` **vulnerability\_code (*****string*****) (*****optional*****)** Vulnerability code for user friendly vulnerability ids. Must be unique per project, 3-8 characters in length. Example: ``` { "vulnerability_code": "..." } ``` **team\_notifications (*****array of strings*****) (*****optional*****)** Project team notifications. Must include one or more of the following: *critical*, *high*, *medium*, *low*, *info*, *retest*, *reopened*, *closed* Example: ``` { "team_notifications": ["..."] } ``` **admin\_notifications (*****array of strings*****) (*****optional*****)** Admin notifications. Must include one or more of the following: *retest*, *reopened*, *closed* Example: ``` { "admin_notifications": ["..."] } ``` **start\_stop\_testing\_email (*****string*****) (*****optional*****)** Email body for daily start & stop testing notifications. Example: ``` { "start_stop_testing_email": "..." } ``` **start\_stop\_testing\_email\_additional\_recipients (*****array of strings*****) (*****optional*****)** Additional email recipients for daily start & stop testing notifications. Must be a list of email addresses. Example: ``` { "start_stop_testing_email_additional_recipients": ["..."] } ``` **new\_vulnerability\_email\_type (*****string*****) (*****optional*****)** Individual or Grouped emails to be sent for new vulnerabilities. Must include one of the following: *individual*, *group*. If not specified, default option is *individual* Example: ``` { "new_vulnerability_email_type": "group" } ``` **new\_vulnerability\_email (*****string*****) (*****optional*****)** Email body for new vulnerability discovered notifications. Example: ``` { "new_vulnerability_email": "..." } ``` **new\_vulnerability\_email\_additional\_recipients (*****array of strings*****) (*****optional*****)** Additional email recipients for new vulnerability discovered notifications. Must be a list of email addresses. Example: ``` { "new_vulnerability_email_additional_recipients": ["..."] } ``` **forced\_emails (*****array of strings*****) (*****optional*****)** Force emails to project team. Must include one or more of the following: *all\_emails*, *daily\_start\_stop\_testing*, *new\_critical\_vulnerability*, *new\_high\_vulnerability*, *new\_medium\_vulnerability*, *new\_low\_vulnerability*, *new\_info\_vulnerability*, *vulnerability\_ready\_for\_retesting*, *vulnerability\_reopened*, *vulnerability\_closed*, *project\_role\_updated*, *project\_hold*, *retest\_completed* Example: ``` { "forced_emails": ["..."] } ``` **sla\_activation (*****string*****) (*****optional*****)** Apply vulnerability SLAs automatically or manually. Must be either "automatic" or "manual". Automatic is default. Example: ``` { "sla_activation": "..." } ``` **executive\_summary (*****string*****) (*****optional*****)** Executive summary for the reports. Example: ``` { "executive_summary": "..." } ``` **custom\_fields (*****array of objects*****) (*****optional*****)** Custom fields. Must include a key and value. Key must be unique and letters, numbers and underscores only. For more information visit Example: ``` { "custom_fields": [{"key": "...", "value": "..."}] } ``` **reporting\_custom\_fields (*****array of objects*****) (*****optional*****)** Reporting custom fields. Must include a key and value. Key must be unique and letters, numbers and underscores only. For more information visit Example: ``` { "reporting_custom_fields": [{"key": "...", "value": "..."}] } ``` **summary\_custom\_fields (*****array of objects*****) (*****optional*****)** Summary page custom fields. Must include a key and value. Key must be unique and letters, numbers and underscores only. For more information visit Example: ``` { "summary_custom_fields": [{"key": "...", "value": "..."}] } ``` **portfolio\_streams (*****array of objects*****) (*****optional*****)** Enter a list of Portfolio & Stream Ids to link this project to. Stream must be part of the Portfolio. Example: ``` { "portfolio_streams": [ { "portfolioId": "...", "streamId": "..." } ] } ``` **features (*****object*****) (*****optional*****)** Configure features on the project. Roles must be either client, consultant or librarymod. Minimum Project Access Level must be either View, Upload or Edit. Example: ``` { "features": { "attack_chains": { "enabled": true, "access": { "roles": [ "client", "consultant", "librarymod" ], "project_access_level": "View" } }, "reporting": { "enabled": true, "access": { "roles": [ "client", "consultant", "librarymod" ], "project_access_level": "View" } }, "retesting": { "enabled": true, "access": { "roles": [ "client", "consultant", "librarymod" ], "project_access_level": "View" } }, "testcases": { "access": { "roles": [ "client", "consultant", "librarymod" ], "project_access_level": "View" } } } } ``` **pages (*****object*****) (*****optional*****)** Configure pages on the project. Roles must be either client, consultant or librarymod. Project Access Level must be either View, Upload or Edit. Example: ``` { "pages": { "summary": { "enabled": true, "access": { "view_project_access_levels": [ "View", "Upload", "Edit" ], "view_roles": [ "client", "consultant", "librarymod" ], "upload_project_access_levels": [ "View", "Upload", "Edit" ], "upload_roles": [ "client", "consultant", "librarymod" ], "edit_project_access_levels": [ "View", "Upload", "Edit" ], "edit_roles": [ "client", "consultant", "librarymod" ] } } } } ``` ## Example The following example is a cURL request to update a project by its identifier (Id). ### Request Include API Token instead of stars in 'X-SSAPI-KEY: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*' parameter. ``` curl -X PUT 'https://demo.attackforge.com/api/ss/project/5e6881d12fdbcd0a5af71e8c' -H 'Host: demo.attackforge.com' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close' -d '{ "name": "ACME Digital Web App Pentest", "code": "DEMO9999", "groups": ["64f7909963cc54000ed4ecfc"], "startDate": "2021-06-03T00:00:00.000Z", "endDate": "2021-06-04T00:00:00.000Z", "scoringSystem": "CVSSv3.1", "isOnHold": "Yes", "isOnHoldReason": "The environment is currently experiencing issues and is not working.", "organization_code": "GLOBEX123", "vulnerability_code": "VULN123", "team_notifications": ["critical", "high"], "admin_notifications": ["retest", "reopened"], "start_stop_testing_email": "Hi {firstName},..", "start_stop_testing_email_additional_recipients": ["batman@attackforge.com", "robin@attackforge.com"], "new_vulnerability_email_type": "individual", "new_vulnerability_email": "Hi {firstName},..", "new_vulnerability_email_additional_recipients": ["soc@attackforge.com"], "forced_emails": ["new_critical_vulnerability", "new_high_vulnerability"], "sla_activation": "automatic", "executive_summary": "Lorem ipsum...", "custom_fields": [{"key": "customer_name", "value": "WAYNE TECHNOLOGIES."}] }' ``` ### Response Response contains a project object. ``` { "project": { "id": "...", "name": "...", "code": "...", "organization_code": "...", "vulnerability_code": "..." "groups": [ { "id": "...", "name": "..." } ], "isOnHold": "...", "startDate": "...", "endDate": "...", "scoring_system": "...", "team_notifications": [ "..." ], "admin_notifications": [ "..." ], "start_stop_testing_email": "...", "start_stop_testing_email_additional_recipients": [ "..." ], "new_vulnerability_email_type": "...", "new_vulnerability_email": "...", "new_vulnerability_email_additional_recipients": [ "..." ], "forced_emails": [ "..." ], "sla_activation": "...", "executive_summary": "...", "created": "...", "last_updated": "...", "custom_fields": [ { "key": "...", "value": "...", "type": "Tag/Field" } ], "reporting_custom_fields": [ { "key": "...", "value": "..." } ], "summary_custom_fields": [ { "key": "...", "value": "..." } ], "streams": [ { "id": "...", "name": "...", "stream_portfolios": [ { "id": "...", "name": "...", } ] } ], "features": { "attack_chains": { "access": { "project_access_level": "...", "roles": [ "..." ] }, "enabled": true }, "reporting": { "access": { "project_access_level": "...", "roles": [ "..." ] }, "enabled": true }, "retesting": { "access": { "project_access_level": "...", "roles": [ "..." ] }, "enabled": true }, "testcases": { "access": { "project_access_level": "...", "roles": [ "..." ] } } }, "pages": { "summary": { "access": { "edit_project_access_levels": [ "..." ], "edit_roles": [ "..." ], "upload_project_access_levels": [ "..." ], "upload_roles": [ "..." ], "view_project_access_levels": [ "..." ], "view_roles": [ "..." ] }, "enabled": true } } } } ``` --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://support.attackforge.com/attackforge-enterprise/modules/self-service-restful-api/updateproject.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.