# UpdateProjectById ## Parameters The following URL, Headers and Parameters are required for requests to this API endpoint. Where a parameter is optional, it will be indicated. Otherwise treat all parameters as mandatory. ### Headers ``` PUT /api/ss/project/:id HTTP/1.1 Host: demo.attackforge.com X-SSAPI-KEY: APIKey Content-Type: application/json Connection: close ``` ### Query **id (string)** Project Id. Example: ``` PUT /api/ss/project/5eab99471e18050942c7607a HTTP/1.1 ``` **created (string) (optional)** Overwrite the created timestamp for the project. Must be UTC string e.g. 2021-06-03T23:15:33.008Z. Example: ``` { "created": "2021-06-03T23:15:33.008Z" } ``` **name (string) (optional)** Name of the project. Example: ``` { "name": "..." } ``` **code (string) (optional)** Project code. Example: ``` { "code": "..." } ``` **groups (array of strings) (optional)** Groups to link to the project. Must match group IDs. Example: ``` { "groups": ["64f7909963cc54000ed4ecfc"] } ``` **startDate (string) (optional)** Project start date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z. Example: ``` { "startDate": "2021-06-03T00:00:00.000Z" } ``` **endDate (string) (optional)** Project end date. Must be UTC string e.g. 2021-06-03T23:15:33.008Z. Example: ``` { "endDate": "2021-06-03T00:00:00.000Z" } ``` **scoringSystem (string) (optional)** Scoring system to be used on the project. Must be either Manual or CVSSv3.1. Example: ``` { "scoringSystem": "CVSSv3.1" } ``` **isOnHold (string) (optional)** Whether project is currently On-Hold. Must be either Yes or No. Example: ``` { "isOnHold": "Yes" } ``` **isOnHoldReason (string) (optional)** If project is On-Hold, or is now Off-Hold - include a reason. This will be sent in email to project team informing status change. Example: ``` { "isOnHoldReason": "The environment is currently experiencing issues and is not working." } ``` **organization\_code (*****string*****) (*****optional*****)** Project organization code. Example: ``` { "organization_code": "..." } ``` **vulnerability\_code (*****string*****) (*****optional*****)** Vulnerability code for user friendly vulnerability ids. Must be unique per project, 3-8 characters in length. Example: ``` { "vulnerability_code": "..." } ``` **team\_notifications (*****array of strings*****) (*****optional*****)** Project team notifications. Must include one or more of the following: *critical*, *high*, *medium*, *low*, *info*, *retest*, *reopened*, *closed* Example: ``` { "team_notifications": ["..."] } ``` **admin\_notifications (*****array of strings*****) (*****optional*****)** Admin notifications. Must include one or more of the following: *retest*, *reopened*, *closed* Example: ``` { "admin_notifications": ["..."] } ``` **start\_stop\_testing\_email (*****string*****) (*****optional*****)** Email body for daily start & stop testing notifications. Example: ``` { "start_stop_testing_email": "..." } ``` **start\_stop\_testing\_email\_additional\_recipients (*****array of strings*****) (*****optional*****)** Additional email recipients for daily start & stop testing notifications. Must be a list of email addresses. Example: ``` { "start_stop_testing_email_additional_recipients": ["..."] } ``` **new\_vulnerability\_email\_type (*****string*****) (*****optional*****)** Individual or Grouped emails to be sent for new vulnerabilities. Must include one of the following: *individual*, *group*. If not specified, default option is *individual* Example: ``` { "new_vulnerability_email_type": "group" } ``` **new\_vulnerability\_email (*****string*****) (*****optional*****)** Email body for new vulnerability discovered notifications. Example: ``` { "new_vulnerability_email": "..." } ``` **new\_vulnerability\_email\_additional\_recipients (*****array of strings*****) (*****optional*****)** Additional email recipients for new vulnerability discovered notifications. Must be a list of email addresses. Example: ``` { "new_vulnerability_email_additional_recipients": ["..."] } ``` **forced\_emails (*****array of strings*****) (*****optional*****)** Force emails to project team. Must include one or more of the following: *all\_emails*, *daily\_start\_stop\_testing*, *new\_critical\_vulnerability*, *new\_high\_vulnerability*, *new\_medium\_vulnerability*, *new\_low\_vulnerability*, *new\_info\_vulnerability*, *vulnerability\_ready\_for\_retesting*, *vulnerability\_reopened*, *vulnerability\_closed*, *project\_role\_updated*, *project\_hold*, *retest\_completed* Example: ``` { "forced_emails": ["..."] } ``` **sla\_activation (*****string*****) (*****optional*****)** Apply vulnerability SLAs automatically or manually. Must be either "automatic" or "manual". Automatic is default. Example: ``` { "sla_activation": "..." } ``` **executive\_summary (*****string*****) (*****optional*****)** Executive summary for the reports. Example: ``` { "executive_summary": "..." } ``` **custom\_fields (*****array of objects*****) (*****optional*****)** Custom fields. Must include a key and value. Key must be unique and letters, numbers and underscores only. For more information visit Example: ``` { "custom_fields": [{"key": "...", "value": "..."}] } ``` **reporting\_custom\_fields (*****array of objects*****) (*****optional*****)** Reporting custom fields. Must include a key and value. Key must be unique and letters, numbers and underscores only. For more information visit Example: ``` { "reporting_custom_fields": [{"key": "...", "value": "..."}] } ``` **summary\_custom\_fields (*****array of objects*****) (*****optional*****)** Summary page custom fields. Must include a key and value. Key must be unique and letters, numbers and underscores only. For more information visit Example: ``` { "summary_custom_fields": [{"key": "...", "value": "..."}] } ``` **portfolio\_streams (*****array of objects*****) (*****optional*****)** Enter a list of Portfolio & Stream Ids to link this project to. Stream must be part of the Portfolio. Example: ``` { "portfolio_streams": [ { "portfolioId": "...", "streamId": "..." } ] } ``` **features (*****object*****) (*****optional*****)** Configure features on the project. Roles must be either client, consultant or librarymod. Minimum Project Access Level must be either View, Upload or Edit. Example: ``` { "features": { "attack_chains": { "enabled": true, "access": { "roles": [ "client", "consultant", "librarymod" ], "project_access_level": "View" } }, "reporting": { "enabled": true, "access": { "roles": [ "client", "consultant", "librarymod" ], "project_access_level": "View" } }, "retesting": { "enabled": true, "access": { "roles": [ "client", "consultant", "librarymod" ], "project_access_level": "View" } }, "testcases": { "access": { "roles": [ "client", "consultant", "librarymod" ], "project_access_level": "View" } } } } ``` **pages (*****object*****) (*****optional*****)** Configure pages on the project. Roles must be either client, consultant or librarymod. Project Access Level must be either View, Upload or Edit. Example: ``` { "pages": { "summary": { "enabled": true, "access": { "view_project_access_levels": [ "View", "Upload", "Edit" ], "view_roles": [ "client", "consultant", "librarymod" ], "upload_project_access_levels": [ "View", "Upload", "Edit" ], "upload_roles": [ "client", "consultant", "librarymod" ], "edit_project_access_levels": [ "View", "Upload", "Edit" ], "edit_roles": [ "client", "consultant", "librarymod" ] } } } } ``` ## Example The following example is a cURL request to update a project by its identifier (Id). ### Request Include API Token instead of stars in 'X-SSAPI-KEY: \*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*\*' parameter. ``` curl -X PUT 'https://demo.attackforge.com/api/ss/project/5e6881d12fdbcd0a5af71e8c' -H 'Host: demo.attackforge.com' -H 'X-SSAPI-KEY: ***************************************' -H 'Content-Type: application/json' -H 'Connection: close' -d '{ "name": "ACME Digital Web App Pentest", "code": "DEMO9999", "groups": ["64f7909963cc54000ed4ecfc"], "startDate": "2021-06-03T00:00:00.000Z", "endDate": "2021-06-04T00:00:00.000Z", "scoringSystem": "CVSSv3.1", "isOnHold": "Yes", "isOnHoldReason": "The environment is currently experiencing issues and is not working.", "organization_code": "GLOBEX123", "vulnerability_code": "VULN123", "team_notifications": ["critical", "high"], "admin_notifications": ["retest", "reopened"], "start_stop_testing_email": "Hi {firstName},..", "start_stop_testing_email_additional_recipients": ["batman@attackforge.com", "robin@attackforge.com"], "new_vulnerability_email_type": "individual", "new_vulnerability_email": "Hi {firstName},..", "new_vulnerability_email_additional_recipients": ["soc@attackforge.com"], "forced_emails": ["new_critical_vulnerability", "new_high_vulnerability"], "sla_activation": "automatic", "executive_summary": "Lorem ipsum...", "custom_fields": [{"key": "customer_name", "value": "WAYNE TECHNOLOGIES."}] }' ``` ### Response Response contains a project object. ``` { "project": { "id": "...", "name": "...", "code": "...", "organization_code": "...", "vulnerability_code": "..." "groups": [ { "id": "...", "name": "..." } ], "isOnHold": "...", "startDate": "...", "endDate": "...", "scoring_system": "...", "team_notifications": [ "..." ], "admin_notifications": [ "..." ], "start_stop_testing_email": "...", "start_stop_testing_email_additional_recipients": [ "..." ], "new_vulnerability_email_type": "...", "new_vulnerability_email": "...", "new_vulnerability_email_additional_recipients": [ "..." ], "forced_emails": [ "..." ], "sla_activation": "...", "executive_summary": "...", "created": "...", "last_updated": "...", "custom_fields": [ { "key": "...", "value": "...", "type": "Tag/Field" } ], "reporting_custom_fields": [ { "key": "...", "value": "..." } ], "summary_custom_fields": [ { "key": "...", "value": "..." } ], "streams": [ { "id": "...", "name": "...", "stream_portfolios": [ { "id": "...", "name": "...", } ] } ], "features": { "attack_chains": { "access": { "project_access_level": "...", "roles": [ "..." ] }, "enabled": true }, "reporting": { "access": { "project_access_level": "...", "roles": [ "..." ] }, "enabled": true }, "retesting": { "access": { "project_access_level": "...", "roles": [ "..." ] }, "enabled": true }, "testcases": { "access": { "project_access_level": "...", "roles": [ "..." ] } } }, "pages": { "summary": { "access": { "edit_project_access_levels": [ "..." ], "edit_roles": [ "..." ], "upload_project_access_levels": [ "..." ], "upload_roles": [ "..." ], "view_project_access_levels": [ "..." ], "view_roles": [ "..." ] }, "enabled": true } } } } ```