Swagger ui
# Swagger 2.0 description of the WhiteSource SAST web API. HTTPS is the only
# scheme listed.
swagger: "2.0"
host: sast.whitesourcesoftware.com
schemes: [https]
info:
  description: WhiteSource Static Application Security Testing Solution Web API
  version: 22.3.2
  title: WhiteSource SAST API
  contact:
    email: support@whitesourcesoftware.com
# Two header-based credentials are declared. Swagger 2.0 has no bearer scheme
# type, so the bearer token is modelled as an apiKey in the Authorization header.
# NOTE(review): no top-level or per-operation `security:` requirement is visible
# in this part of the spec, so Swagger UI, generated clients and gateway
# importers will treat every operation as unauthenticated even though most of
# them document a 403. Confirm which scheme each operation accepts and
# reference it (presumably with `security: []` on /api/login).
securityDefinitions:
  Bearer:
    type: apiKey
    name: Authorization
    in: header
  ApiKeyAuth:
    type: apiKey
    in: header
    name: X-Auth-Token
paths:
  # Lists the available scan engines with their supported language names; the
  # engine ID returned here is the one scan configurations refer to.
  # NOTE(review): the spec labels 403 "Unauthorized" here and on the other
  # operations; HTTP uses that name for 401 and calls 403 "Forbidden". Confirm
  # which status the server sends for a missing or invalid token, so clients can
  # tell "re-authenticate" from "permission denied".
  /api/engines:
    get:
      tags:
        - SAST Engines
      description: Retrieves a list of available engines with supported programming languages names and engine IDs. Engine ID is used in scan configurations.
      produces:
        - application/json
      responses:
        200:
          description: OK
          schema:
            type: array
            items:
              $ref: "#/definitions/Engine"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"

  # Returns one engine by its integer ID, including tracked variables and
  # vulnerability types. Unlike the 403 response, the 404 declares no body
  # schema.
  /api/engines/{id}:
    get:
      tags:
        - SAST Engines
      description: Retrieves engine details corresponding to ID parameter. The response includes engine ID, supported language, a list of tracked variables and a list of vulnerability types (name, risk level).
      produces:
        - application/json
      parameters:
        - in: path
          name: id
          type: integer
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Engine"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"
        404:
          description: Unknown engine ID

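  # Lists scans with paging (limit/page), name search (query), sorting
  # (sort/order) and status filtering (filter). All parameters are optional.
  /api/scans:
    get:
      tags:
        - Scans
      description: Retrieves a list of scans
      produces:
        - application/json
      parameters:
        - in: query
          name: summary
          type: boolean
          description: Indicates if the full results of scans should be returned in the response
        - in: query
          name: limit
          type: integer
          description: Number of scans to be returned in the response
        - in: query
          name: page
          type: integer
          description: Page number, used in combination with limit
        - in: query
          name: query
          type: string
          description: Queries the scan names matching the parameter value
        # The spec gives no description for sort; the accepted sort keys are
        # not listed here.
        - in: query
          name: sort
          type: string
        - in: query
          name: order
          type: string
          description: Order direction (ascend / descend). Descending by default
        - in: query
          name: filter
          type: string
          description: Filtering the scans by Status (accepting multiple status values separated by comma, e.g. Finished,Running,Failed)
      responses:
        200:
          description: OK
          schema:
            type: array
            items:
              $ref: "#/definitions/Scan"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"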

  # Single-scan operations: read the scan (optionally narrowed by language,
  # vulnerability or vulnerabilityType), change the state of a finding, and
  # delete the scan.
  /api/scans/{id}:
    get:
      tags:
        - Scans
      description: Single scan corresponding to the id parameter. Single object contains a complete scan information such as scanning parameters and results (if present)
      produces:
        - application/json
      parameters:
        - in: path
          name: id
          type: string
          required: true
        - in: query
          name: summary
          type: boolean
          description: Indicates if the full result of a scan should be returned in the response
          required: false
        - in: query
          name: language
          type: string
          description: If used alone, shows the result for the single language
          required: false
        - in: query
          name: vulnerability
          type: string
          description: If used alone, shows the result for the single vulnerability ID
          required: false
        - in: query
          name: vulnerabilityType
          type: integer
          description: Used in combination with language query parameter to show the results for a single vulnerability type
          required: false
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Scan"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"
        404:
          description: Unknown scan ID
          schema:
            $ref: "#/definitions/Error"

    # NOTE(review): this operation can lower a finding's risk level or mark it
    # as a false positive. Presumably it should be limited to trusted roles and
    # audit-logged; confirm how the server authorizes it.
    post:
      tags:
        - Scans
      description: Changes the state of a vulnerability type / individual vulnerability (Risk / False Positive). Accepted actions are risk and falsepositive with values of High, Medium, Low or boolean true/false
      parameters:
        - in: path
          name: id
          type: string
          required: true
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/Action"
        - in: query
          name: language
          type: string
          description: Used in combination with the vulnerabilityType query parameter
          required: false
        - in: query
          name: vulnerability
          type: string
          description: If used alone, to change the state for the single vulnerability ID
          required: false
        - in: query
          name: vulnerabilityType
          type: integer
          description: Used in combination with language query parameter to change the state for a single vulnerability type
          required: false
      responses:
        200:
          description: OK
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"
        404:
          description: Unknown scan ID
          schema:
            $ref: "#/definitions/Error"
    # The spec gives this operation no description.
    delete:
      tags:
        - Scans
      parameters:
        - in: path
          name: id
          type: string
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"
        404:
          description: Unknown scan ID
          schema:
            $ref: "#/definitions/Error"

  # Files a ticket for one vulnerability in an external issue tracker chosen by
  # the alm query parameter; the ticket content comes from the ALM body schema.
  # NOTE(review): alm is a free-form string in the spec although the description
  # lists four accepted values; an enum would let clients and gateways reject
  # anything else — confirm the exact values first.
  /api/scans/{id}/issue:
    post:
      tags:
        - Scans
      description: Posts an issue ticket to one of the support issue tracking systems (accepted values for alm query parameter are jira, azure, redmine and github), for a single vulnerability ID
      produces:
        - application/json
      parameters:
        - in: path
          name: id
          type: string
          required: true
        - in: query
          name: vulnerability
          type: string
          required: true
        - in: query
          name: alm
          type: string
          required: true
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/ALM"
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
        400:
          description: Bad request
          schema:
            $ref: "#/definitions/Error"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"
        404:
          description: Unknown scan ID/vulnerability type/vulnerability id
          schema:
            $ref: "#/definitions/Error"
        500:
          description: Internal server error
          schema:
            $ref: "#/definitions/Error"

  # Exports a report for one scan. The output format is a required query
  # parameter; the remaining options travel in the ReportExport body.
  # The 200 response is modelled as Success rather than as the report document.
  /api/scans/{id}/report:
    post:
      tags:
        - Scans
      description: Report export in five available formats - html, xml, json, csv, sarif and eight available types for HTML reports - DefenseCode Default, OWASP Top 10, NIST, SANS/CWE Top 25, PCI DSS, CAPEC, HIPAA, HITRUST
      parameters:
        - in: path
          name: id
          type: string
          required: true
        - in: query
          name: format
          type: string
          required: true
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/ReportExport"
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
        400:
          description: Bad request
          schema:
            $ref: "#/definitions/Error"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"
        404:
          description: Unknown scan ID
          schema:
            $ref: "#/definitions/Error"
        500:
          description: Unable to generate a report
          schema:
            $ref: "#/definitions/Error"

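  # Posts a Comment body against a scan. The spec gives the operation no
  # description.
  # NOTE(review): only 200 is documented, while the sibling /api/scans/{id}
  # operations also document 403 and 404. Confirm the server's behaviour and
  # document it.
  /api/scans/{id}/comment:
    post:
      tags:
        - Scans
      parameters:
        # The path template contains {id}; Swagger 2.0 requires a matching
        # path parameter, declared here the same way as on /api/scans/{id}.
        - in: path
          name: id
          type: string
          required: true
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/Comment"

      responses:
        '200':
          description: 'OK'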
    

  # Lists applications (paging via limit/page, name search via query) and
  # creates a new application from an ApplicationCreate body.
  # NOTE(review): neither operation documents a 403, unlike the scan and user
  # operations. Confirm whether this is a documentation gap or whether the
  # endpoint really is reachable without a credential.
  /api/applications:
    get:
      tags:
        - Applications
      description: Retrieves a list of all applications
      produces:
        - application/json
      parameters:
        - in: query
          name: summary
          type: boolean
          description: Indicates (if set to true) if the full information of all applications should be returned in the response
        - in: query
          name: limit
          type: integer
          description: Number of applications to be returned in the response
        - in: query
          name: page
          type: integer
          description: Page number, used in combination with limit
        - in: query
          name: query
          type: string
          description: Queries the application names matching the parameter value
      responses:
        200:
          description: OK
          schema:
            type: array
            items:
              $ref: "#/definitions/Application"
    post:
      tags:
        - Applications
      description: Creates a new application and returns an application ID
      produces:
        - application/json
      parameters:
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/ApplicationCreate"
      responses:
        201:
          description: Created
          schema:
            $ref: "#/definitions/AppCreateSuccess"
        400:
          description: Bad request
          schema:
            $ref: "#/definitions/Error"

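  # Read, update and delete a single application by ID.
  # NOTE(review): none of the three operations documents a 403, and only
  # delete documents a 404. Confirm the server's behaviour and document it.
  /api/applications/{id}:
    get:
      tags:
        - Applications
      description: Retrieves the application corresponding to ID
      produces:
        - application/json
      parameters:
        - in: path
          name: id
          type: string
          required: true
        - in: query
          name: summary
          type: boolean
          description: Indicates if the full information of the application should be returned in the response
      responses:
        200:
          description: OK
          # NOTE(review): a lookup by ID is modelled as an array of Application,
          # the same shape as the list endpoint. Confirm whether the server
          # returns a single object here.
          schema:
            type: array
            items:
              $ref: "#/definitions/Application"
    put:
      tags:
        - Applications
      description: Updates an application corresponding to ID
      produces:
        - application/json
      parameters:
        - in: path
          name: id
          type: string
          required: true
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/ApplicationCreate"
      responses:
        200:
          description: Updated
          schema:
            $ref: "#/definitions/Success"
        400:
          description: Bad request
          schema:
            $ref: "#/definitions/Error"

    delete:
      tags:
        - Applications
      description: Deletes an application corresponding to ID
      produces:
        - application/json
      parameters:
        - in: path
          name: id
          type: string
          required: true
      responses:
        200:
          # Was "Updated", which was copied from the put operation above.
          description: Deleted
          schema:
            $ref: "#/definitions/Success"
        404:
          description: Not Found
          schema:
            $ref: "#/definitions/Error"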

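  # Lists the scans of one application. The query parameters mirror those of
  # /api/scans. Only the 200 response is documented.
  /api/applications/{id}/scans:
    get:
      tags:
        - Applications
      description: Retrieves a list of all application scans
      produces:
        - application/json
      parameters:
        - in: path
          name: id
          type: string
          required: true
        - in: query
          name: summary
          type: boolean
          description: Indicates if the full results of scans should be returned in the response
        - in: query
          name: limit
          type: integer
          description: Number of scans to be returned in the response
        - in: query
          name: page
          type: integer
          description: Page number, used in combination with limit
        - in: query
          name: query
          type: string
          description: Queries the scan names matching the parameter value
        - in: query
          name: sort
          type: string
        - in: query
          name: order
          type: string
          description: Order direction (ascend / descend). Descending by default
        - in: query
          name: filter
          type: string
          description: Filtering the scans by Status (accepting multiple status values separated by comma, e.g. Finished,Running,Failed)
      responses:
        200:
          description: OK
          schema:
            type: array
            items:
              $ref: "#/definitions/Scan"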
  # Authenticates a user from the UserAuth body and returns UserAuthResponse.
  # A failed login is reported as 403 with an Error body.
  # NOTE(review): presumably the response carries the token later sent in the
  # Authorization / X-Auth-Token header. UserAuthResponse is defined outside
  # this part of the spec, so confirm there. The spec does not describe
  # lockout or rate limiting for repeated failures; confirm it is enforced
  # server-side.
  /api/login:
    post:
      tags:
        - Users
      description: User authentication endpoint
      parameters:
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/UserAuth"
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/UserAuthResponse"
        400:
          description: Bad request
          schema:
            $ref: "#/definitions/Error"
        403:
          description: Authentication failed
          schema:
            $ref: "#/definitions/Error"

  # Lists users and creates a user from a UserCreate body.
  # NOTE(review): the list operation documents only 200, although it returns
  # every User record. Confirm it is restricted server-side and document the
  # 403.
  /api/users:
    get:
      tags:
        - Users
      description: Get a list of users
      produces:
        - application/json
      responses:
        200:
          description: OK
          schema:
            type: array
            items:
              $ref: "#/definitions/User"
    post:
      tags:
        - Users
      description: Creating users
      parameters:
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/UserCreate"
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
        # NOTE(review): 209 is not a registered HTTP status code, and as a 2xx
        # it reads as success to generic clients. Confirm what the server
        # really sends for a duplicate username (409 Conflict is the usual
        # choice). This entry also declares no body schema.
        209:
          description: Username already exists
        400:
          description: Bad request
          schema:
            $ref: "#/definitions/Error"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"

  # Read, update and delete a single user by ID. The update reuses the
  # UserCreate body schema.
  /api/users/{id}:
    get:
      tags:
        - Users
      description: Get a single user
      parameters:
        - in: path
          name: id
          required: true
          type: string
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/User"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"
        404:
          description: Not Found
          schema:
            $ref: "#/definitions/Error"
    # Unlike get and delete, put documents no 404 for an unknown user ID.
    put:
      tags:
        - Users
      description: Updating users
      parameters:
        - in: path
          name: id
          required: true
          type: string
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/UserCreate"
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
        400:
          description: Bad request
          schema:
            $ref: "#/definitions/Error"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"
    delete:
      tags:
        - Users
      description: Deleting users
      parameters:
        - in: path
          name: id
          type: string
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"
        404:
          description: Unknown user
          schema:
            $ref: "#/definitions/Error"

  # Lists user groups and creates a group from a UserGroupCreate body.
  # The list operation documents only the 200 response.
  /api/groups:
    get:
      tags:
        - Groups
      description: Getting user groups
      responses:
        200:
          description: OK
          schema:
            type: array
            items:
              $ref: "#/definitions/Group"
    post:
      tags:
        - Groups
      description: Creating user groups
      parameters:
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/UserGroupCreate"
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
        # NOTE(review): 209 is not a registered HTTP status code, and as a 2xx
        # it reads as success to generic clients although the body is an Error.
        # Confirm the status the server really sends for a duplicate group
        # name.
        209:
          description: Group name already exists
          schema:
            $ref: "#/definitions/Error"
        400:
          description: Bad request
          schema:
            $ref: "#/definitions/Error"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"

  # Read, update and delete a single user group by ID. Only delete documents a
  # 404 for a group that does not exist.
  /api/groups/{id}:
    get:
      tags:
        - Groups
      description: Getting user group
      parameters:
        - in: path
          name: id
          type: string
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Group"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"
    put:
      tags:
        - Groups
      description: Updating user group
      parameters:
        - in: path
          name: id
          type: string
          required: true
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/UserGroupCreate"
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
        400:
          description: Bad request
          schema:
            $ref: "#/definitions/Error"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"
    delete:
      tags:
        - Groups
      description: Delete user group
      parameters:
        - in: path
          name: id
          type: string
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
        403:
          description: Unauthorized
          schema:
            $ref: "#/definitions/Error"
        404:
          description: Group does not exist
          schema:
            $ref: "#/definitions/Error"

  # Removes user {userId} from group {id}.
  # NOTE(review): only 200 is documented for this membership change. The other
  # group operations document 403, so confirm the same check applies here and
  # add the 403/404 responses.
  /api/groups/{id}/remove/{userId}:
    delete:
      tags:
        - Groups
      description: Removing a group member
      parameters:
        - in: path
          name: id
          type: string
          required: true
        - in: path
          name: userId
          type: string
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"

  # Adds user {userId} to group {id}.
  # NOTE(review): only 200 is documented. Group membership presumably decides
  # what a user can access, so confirm this operation is authorized server-side
  # and document its 403/404 responses.
  /api/groups/{id}/add/{userId}:
    put:
      tags:
        - Groups
      description: Adding a group member
      parameters:
        - in: path
          name: id
          type: string
          required: true
        - in: path
          name: userId
          type: string
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"

  # Reads and replaces the Jira integration settings used when vulnerability
  # issues are submitted. Both directions use the same JiraConfig schema.
  # NOTE(review): JiraConfig is defined outside this part of the spec. If it
  # carries the tracker credential (password or API token), confirm the GET
  # response masks or omits it. Neither operation documents a 403, so confirm
  # both are limited to administrators.
  /api/config/jira:
    get:
      tags:
        - Configurations
      description: Gets the current Jira configuration.
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/JiraConfig"
    put:
      tags:
        - Configurations
      description: Sets/updates Jira configuration to be used when submitting vulnerability issues.
      parameters:
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/JiraConfig"
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"

  # Lists and creates Jira trigger configurations. The ALMTriggerConfig schema
  # is shared with the AzureDevOps trigger endpoints. Only the 200 response is
  # documented for either operation.
  /api/config/jira/triggers:
    get:
      tags:
        - Configurations
      description: Gets the current Jira trigger configurations.
      responses:
        200:
          description: OK
          schema:
            type: array
            items:
              $ref: "#/definitions/ALMTriggerConfig"
    post:
      tags:
        - Configurations
      description: Creates Jira trigger configuration to be used when submitting vulnerability issues.
      parameters:
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/ALMTriggerConfig"
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"

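  # Updates or deletes one Jira trigger configuration by ID.
  /api/config/jira/triggers/{id}:
    put:
      tags:
        - Configurations
      description: Updates Jira trigger configuration to be used when submitting vulnerability issues.
      parameters:
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/ALMTriggerConfig"
        - in: path
          name: id
          type: string
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
    delete:
      tags:
        - Configurations
      description: Deletes a Jira trigger corresponding to the ID
      parameters:
        - in: path
          name: id
          type: string
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
        404:
          # Was "OK", copied from the 200 entry. The body is an Error, and the
          # wording matches the 404 on the /api/applications/{id} delete.
          description: Not Found
          schema:
            $ref: "#/definitions/Error"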

  # Reads and replaces the AzureDevOps integration settings used when
  # vulnerability issues are submitted. Both directions use the TfsConfig schema.
  # NOTE(review): TfsConfig is defined outside this part of the spec. If it
  # carries an access token or password, confirm the GET response masks or
  # omits it. Neither operation documents a 403, so confirm both are limited to
  # administrators.
  /api/config/azuredevops:
    get:
      tags:
        - Configurations
      description: Gets the current AzureDevOps configuration.
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/TfsConfig"
    put:
      tags:
        - Configurations
      description: Sets/updates AzureDevOps configuration to be used when submitting vulnerability issues.
      parameters:
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/TfsConfig"
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"

  # Lists and creates AzureDevOps trigger configurations, using the same
  # ALMTriggerConfig schema as the Jira trigger endpoints. Only the 200
  # response is documented for either operation.
  /api/config/azuredevops/triggers:
    get:
      tags:
        - Configurations
      description: Gets the current AzureDevOps trigger configurations.
      responses:
        200:
          description: OK
          schema:
            type: array
            items:
              $ref: "#/definitions/ALMTriggerConfig"
    post:
      tags:
        - Configurations
      description: Creates AzureDevOps trigger configuration to be used when submitting vulnerability issues.
      parameters:
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/ALMTriggerConfig"
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"

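  # Updates or deletes one AzureDevOps trigger configuration by ID.
  /api/config/azuredevops/triggers/{id}:
    put:
      tags:
        - Configurations
      description: Updates AzureDevOps trigger configuration to be used when submitting vulnerability issues.
      parameters:
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/ALMTriggerConfig"
        - in: path
          name: id
          type: string
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
    delete:
      tags:
        - Configurations
      description: Deletes an AzureDevOps trigger corresponding to the ID
      parameters:
        - in: path
          name: id
          type: string
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
        404:
          # Was "OK", copied from the 200 entry. The body is an Error, and the
          # wording matches the 404 on the /api/applications/{id} delete.
          description: Not Found
          schema:
            $ref: "#/definitions/Error"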
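  # Lists scan configuration templates and creates one from a TemplateCreate
  # body. Only the 200 response is documented for either operation.
  /api/templates:
    get:
      tags:
        - Templates
      description: 'Retrieves a list of scan configuration templates'
      parameters: []
      responses:
        200:
          description: OK
          schema:
            type: array
            items:
              $ref: "#/definitions/Template"
    post:
      tags:
        - Templates
      description: 'Creates a new scan configuration template'
      parameters:
        - in: "body"
          name: "body"
          required: true
          schema:
            $ref: "#/definitions/TemplateCreate"
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"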
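  # Reads or deletes one scan configuration template by ID.
  /api/templates/{id}:
    get:
      tags:
        - Templates
      description: 'Retrieves a scan configuration template corresponding to ID'
      # The path template contains {id}; Swagger 2.0 requires a matching path
      # parameter, declared here the same way as on the delete operation below.
      parameters:
        - in: path
          name: id
          type: string
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Template"
    delete:
      tags:
        - Templates
      description: 'Deletes a scan configuration template corresponding to ID'
      parameters:
        - in: path
          name: id
          type: string
          required: true
      responses:
        200:
          description: OK
          schema:
            $ref: "#/definitions/Success"
        404:
          # Was "OK", copied from the 200 entry. The body is an Error.
          description: Not Found
          schema:
            $ref: "#/definitions/Error"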

definitions:
  # Application as returned by the /api/applications read operations: its ID
  # and name, metrics, stored scan parameters and creation metadata.
  Application:
    type: object
    properties:
      id:
        type: string
      name:
        type: string
      # Integer counters for the application, plus a per-date series in
      # dateCounts.
      metrics:
        type: object
        properties:
          totalScans:
            type: integer
          fixedVulnerabilities:
            type: integer
          newVulnerabilities:
            type: integer
          newHigh:
            type: integer
          newMedium:
            type: integer
          newLow:
            type: integer
          dateCounts:
            type: array
            items:
              type: object
              properties:
                date:
                  type: string
                counts:
                  type: object
                  properties:
                    totalVulnerabilities:
                      type: integer
                    locPerIssue:
                      type: integer
                    vulnTypeCount:
                      type: integer
                    high:
                      type: integer
                    medium:
                      type: integer
                    low:
                      type: integer
                    pcidss:
                      type: integer
                    nist:
                      type: integer
                    owasp:
                      type: integer
                    sansTop25:
                      type: integer
      # Field-for-field the same structure as ApplicationCreate.parameters.
      # NOTE(review): exclusions, ignoreStoredFP and excludedVulnTypes look like
      # settings that narrow what a scan reports. Confirm their semantics;
      # changes to them are presumably worth reviewing.
      parameters:
        type: object
        properties:
          engines:
            type: array
            items:
              type: integer
          incremental:
            type: boolean
            example: true
          ignoreStoredFP:
            type: boolean
            example: false
          exclusions:
            type: array
            items:
              type: string
          almTrigger:
            type: string
          emailTrigger:
            type: string
          slackTrigger:
            type: string
          engineParams:
            type: array
            items:
              type: object
              properties:
                trackedInputs:
                  type: array
                  items:
                    type: string
                excludedVulnTypes:
                  type: array
                  items:
                    type: integer
                depth:
                  type: object
                  properties:
                    maxFunctionDepth:
                      type: integer
                      example: 12
                    maxVariableTrack:
                      type: integer
                      example: 20
                customFilters:
                  type: array
                  items:
                    type: object
                    properties:
                      functionName:
                        type: string
                      filterId:
                        type: string
                customRules:
                  type: array
                  items:
                    type: object
                    properties:
                      functionName:
                        type: string
                      parameterCount:
                        type: integer
                      vulnParamIndex:
                        type: integer
                      vulnTypeIndex:
                        type: integer
                      description:
                        type: string
      createdBy:
        type: string
      createdTime:
        type: string

  # Request body for creating (POST /api/applications) and updating
  # (PUT /api/applications/{id}) an application: a name plus scan parameters.
  # No property is marked required and no string has a length or pattern
  # constraint.
  ApplicationCreate:
    type: object
    properties:
      name:
        type: string
      # Field-for-field the same structure as Application.parameters.
      # NOTE(review): exclusions, ignoreStoredFP and excludedVulnTypes look like
      # settings that narrow what a scan reports. Confirm their semantics and
      # who may set them.
      parameters:
        type: object
        properties:
          engines:
            type: array
            items:
              type: integer
          incremental:
            type: boolean
            example: true
          ignoreStoredFP:
            type: boolean
            example: false
          exclusions:
            type: array
            items:
              type: string
          almTrigger:
            type: string
          emailTrigger:
            type: string
          slackTrigger:
            type: string
          engineParams:
            type: array
            items:
              type: object
              properties:
                trackedInputs:
                  type: array
                  items:
                    type: string
                excludedVulnTypes:
                  type: array
                  items:
                    type: integer
                depth:
                  type: object
                  properties:
                    maxFunctionDepth:
                      type: integer
                      example: 12
                    maxVariableTrack:
                      type: integer
                      example: 20
                customFilters:
                  type: array
                  items:
                    type: object
                    properties:
                      functionName:
                        type: string
                      filterId:
                        type: string
                customRules:
                  type: array
                  items:
                    type: object
                    properties:
                      functionName:
                        type: string
                      parameterCount:
                        type: integer
                      vulnParamIndex:
                        type: integer
                      vulnTypeIndex:
                        type: integer
                      description:
                        type: string
  # Generic action/value pair; both members are free-form strings.
  # NOTE(review): the accepted `action` names are not enumerated here. An
  # `enum` would document them and let validators reject unknown actions.
  Action:
    type: object
    properties:
      action:
        type: string
      value:
        type: string
  # Scan engine as returned by /api/engines and /api/engines/{id}: ID,
  # language, default depth, tracked inputs and the vulnerability types the
  # engine reports.
  Engine:
    type: object
    properties:
      # Engine ID; this is the integer used in the `engines` array of scan
      # parameters.
      id:
        type: integer
        example: 1
      language:
        type: string
        example: Java
      # NOTE(review): looks like an internal executable name exposed to API
      # clients — confirm that this is intended.
      executable:
        type: string
        example: engineJava
      defaultDepth:
        type: object
        properties:
          maxFunctionDepth:
            type: integer
            example: 12
          maxVariableTrack:
            type: integer
            example: 20
      trackedInputs:
        type: array
        items:
          type: string
      # Vulnerability type metadata with references to CWE, PCI DSS, NIST and
      # OWASP entries. The same object shape is repeated inline in Scan.
      vulnerabilityTypes:
        type: array
        items:
          type: object
          properties:
            id:
              type: integer
              example: 0
            name:
              type: string
              example: SQL Injection
            # NOTE(review): free string with no enum; "High" is the only value
            # shown in this file.
            risk:
              type: string
              example: High
            description:
              type: string
            recommendation:
              type: array
              items:
                type: string
            references:
              type: array
              items:
                type: string
            cwe:
              type: object
              properties:
                id:
                  type: string
                title:
                  type: string
                url:
                  type: string
            pcidss:
              type: object
              properties:
                section:
                  type: string
                title:
                  type: string
            nist:
              type: object
              properties:
                control:
                  type: string
                priority:
                  type: string
                title:
                  type: string
                url:
                  type: string
            owasp:
              type: object
              properties:
                index:
                  type: string
                title:
                  type: string
                url:
                  type: string
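  # A scan with its status, per-language results, the parameters it ran with
  # and summary statistics.
  # NOTE(review): the results carry file paths and code snippets of the
  # scanned project (`sinkFile`, `file`, `snippet`); responses using this
  # schema should only go to users authorised for the parent application.
  Scan:
    type: object
    properties:
      id:
        type: string
        # Quoted so that the example matches the declared string type.
        example: "1"
      name:
        type: string
        example: Project scan
      languages:
        type: array
        items:
          type: string
          example: Java
      status:
        type: string
        example: Finished
      parentAppId:
        type: string
      # One entry per language; each holds findings grouped by vulnerability
      # type.
      results:
        type: array
        items:
          type: object
          properties:
            language:
              type: string
            results:
              type: array
              items:
                type: object
                properties:
                  # Vulnerability type metadata; same shape as the items of
                  # Engine.vulnerabilityTypes.
                  type:
                    type: object
                    properties:
                      id:
                        type: integer
                        example: 0
                      name:
                        type: string
                        example: SQL Injection
                      risk:
                        type: string
                        example: High
                      description:
                        type: string
                      recommendation:
                        type: array
                        items:
                          type: string
                      references:
                        type: array
                        items:
                          type: string
                      cwe:
                        type: object
                        properties:
                          id:
                            type: string
                          title:
                            type: string
                          url:
                            type: string
                      pcidss:
                        type: object
                        properties:
                          section:
                            type: string
                          title:
                            type: string
                      nist:
                        type: object
                        properties:
                          control:
                            type: string
                          priority:
                            type: string
                          title:
                            type: string
                          url:
                            type: string
                      owasp:
                        type: object
                        properties:
                          index:
                            type: string
                          title:
                            type: string
                          url:
                            type: string
                  count:
                    type: integer
                    example: 1
                  # Individual findings of this vulnerability type.
                  vulnerabilities:
                    type: array
                    items:
                      type: object
                      properties:
                        id:
                          type: string
                        signature:
                          type: string
                        # Third inline copy of the vulnerability type object.
                        type:
                          type: object
                          properties:
                            id:
                              type: integer
                              example: 0
                            name:
                              type: string
                              example: SQL Injection
                            risk:
                              type: string
                              example: High
                            description:
                              type: string
                            recommendation:
                              type: array
                              items:
                                type: string
                            references:
                              type: array
                              items:
                                type: string
                            cwe:
                              type: object
                              properties:
                                id:
                                  type: string
                                title:
                                  type: string
                                url:
                                  type: string
                            pcidss:
                              type: object
                              properties:
                                section:
                                  type: string
                                title:
                                  type: string
                            nist:
                              type: object
                              properties:
                                control:
                                  type: string
                                priority:
                                  type: string
                                title:
                                  type: string
                                url:
                                  type: string
                            owasp:
                              type: object
                              properties:
                                index:
                                  type: string
                                title:
                                  type: string
                                url:
                                  type: string
                        risk:
                          type: string
                        # Key is all lower case, unlike the camelCase keys
                        # around it; left as is because it is part of the
                        # wire format.
                        falsepositive:
                          type: boolean
                        description:
                          type: string
                        sink:
                          type: string
                        sinkCall:
                          type: string
                        sinkFile:
                          type: string
                        inputSource:
                          type: string
                        # Call chain entries; `snippet` holds source text of
                        # the scanned project. Note that `line` is declared
                        # as a string, not an integer.
                        functionCalls:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                              line:
                                type: string
                              file:
                                type: string
                              snippet:
                                type: string
                        # Same entry shape as functionCalls.
                        inputFlow:
                          type: array
                          items:
                            type: object
                            properties:
                              name:
                                type: string
                              line:
                                type: string
                              file:
                                type: string
                              snippet:
                                type: string
                        filter:
                          type: object
                          properties:
                            isFiltered:
                              type: boolean
                            # Free-form object; its keys are not described
                            # in this file.
                            filterTypes:
                              type: object
      # Scan parameters; same shape as in ApplicationCreate, ScanCreate,
      # Template and TemplateCreate.
      parameters:
        type: object
        properties:
          # Engine IDs, as returned by /api/engines.
          engines:
            type: array
            items:
              type: integer
          incremental:
            type: boolean
            example: true
          ignoreStoredFP:
            type: boolean
            example: false
          exclusions:
            type: array
            items:
              type: string
          almTrigger:
            type: string
          emailTrigger:
            type: string
          slackTrigger:
            type: string
          engineParams:
            type: array
            items:
              type: object
              properties:
                trackedInputs:
                  type: array
                  items:
                    type: string
                excludedVulnTypes:
                  type: array
                  items:
                    type: integer
                depth:
                  type: object
                  properties:
                    maxFunctionDepth:
                      type: integer
                      example: 12
                    maxVariableTrack:
                      type: integer
                      example: 20
                customFilters:
                  type: array
                  items:
                    type: object
                    properties:
                      functionName:
                        type: string
                      filterId:
                        type: string
                customRules:
                  type: array
                  items:
                    type: object
                    properties:
                      functionName:
                        type: string
                      parameterCount:
                        type: integer
                      vulnParamIndex:
                        type: integer
                      vulnTypeIndex:
                        type: integer
                      description:
                        type: string
      # Summary counters for the scan.
      stats:
        type: object
        properties:
          duration:
            type: string
          totalVulnerabilities:
            type: integer
            example: 10
          totalFiles:
            type: integer
            example: 200
          testedFiles:
            type: integer
            example: 200
          totalLines:
            type: integer
            example: 2000
          testedLines:
            type: integer
            example: 2000
      createdBy:
        type: string
        example: admin
      # The examples are RFC 3339 timestamps, so the format is declared for
      # generators and validators.
      startTime:
        type: string
        format: date-time
        example: "2020-05-30T14:55:29.955Z"
      createdTime:
        type: string
        format: date-time
        example: "2020-05-30T14:55:29.955Z"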
  # Schema with a scan name, the ID of the parent application and the scan
  # `parameters` object (same shape as in Scan and Template).
  # NOTE(review): `parentAppId` comes from the client; the server should
  # check that the caller may create scans under that application.
  ScanCreate:
    type: object
    properties:
      name:
        type: string
        example: Project scan
      parentAppId:
        type: string
      parameters:
        type: object
        properties:
          # Engine IDs, as returned by /api/engines.
          engines:
            type: array
            items:
              type: integer
          incremental:
            type: boolean
            example: true
          ignoreStoredFP:
            type: boolean
            example: false
          # NOTE(review): unbounded list of free-form strings; validate
          # server-side.
          exclusions:
            type: array
            items:
              type: string
          almTrigger:
            type: string
          emailTrigger:
            type: string
          slackTrigger:
            type: string
          engineParams:
            type: array
            items:
              type: object
              properties:
                trackedInputs:
                  type: array
                  items:
                    type: string
                # Integer vulnerability type IDs left out of the results.
                excludedVulnTypes:
                  type: array
                  items:
                    type: integer
                # NOTE(review): no maximum declared; the server should cap
                # both values.
                depth:
                  type: object
                  properties:
                    maxFunctionDepth:
                      type: integer
                      example: 12
                    maxVariableTrack:
                      type: integer
                      example: 20
                customFilters:
                  type: array
                  items:
                    type: object
                    properties:
                      functionName:
                        type: string
                      filterId:
                        type: string
                customRules:
                  type: array
                  items:
                    type: object
                    properties:
                      functionName:
                        type: string
                      parameterCount:
                        type: integer
                      vulnParamIndex:
                        type: integer
                      vulnTypeIndex:
                        type: integer
                      description:
                        type: string

  # Stored template: an ID, a name and a scan `parameters` object with the
  # same shape as in Scan and ScanCreate.
  Template:
    type: object
    properties:
      id:
        type: string
      name:
        type: string
        example: Project scan
      parameters:
        type: object
        properties:
          # Engine IDs, as returned by /api/engines.
          engines:
            type: array
            items:
              type: integer
          incremental:
            type: boolean
            example: true
          ignoreStoredFP:
            type: boolean
            example: false
          exclusions:
            type: array
            items:
              type: string
          almTrigger:
            type: string
          emailTrigger:
            type: string
          slackTrigger:
            type: string
          # One entry of per-engine settings per array item.
          engineParams:
            type: array
            items:
              type: object
              properties:
                trackedInputs:
                  type: array
                  items:
                    type: string
                excludedVulnTypes:
                  type: array
                  items:
                    type: integer
                depth:
                  type: object
                  properties:
                    maxFunctionDepth:
                      type: integer
                      example: 12
                    maxVariableTrack:
                      type: integer
                      example: 20
                customFilters:
                  type: array
                  items:
                    type: object
                    properties:
                      functionName:
                        type: string
                      filterId:
                        type: string
                customRules:
                  type: array
                  items:
                    type: object
                    properties:
                      functionName:
                        type: string
                      parameterCount:
                        type: integer
                      vulnParamIndex:
                        type: integer
                      vulnTypeIndex:
                        type: integer
                      description:
                        type: string
  # Template without the `id` member: a name and a scan `parameters` object.
  # NOTE(review): a template that sets excludedVulnTypes, customFilters or
  # ignoreStoredFP presumably applies to every scan created from it, so
  # template writes deserve the same access control and audit logging as
  # scan configuration changes — confirm.
  TemplateCreate:
    type: object
    properties:
      name:
        type: string
        example: Project scan
      parameters:
        type: object
        properties:
          # Engine IDs, as returned by /api/engines.
          engines:
            type: array
            items:
              type: integer
          incremental:
            type: boolean
            example: true
          ignoreStoredFP:
            type: boolean
            example: false
          exclusions:
            type: array
            items:
              type: string
          almTrigger:
            type: string
          emailTrigger:
            type: string
          slackTrigger:
            type: string
          engineParams:
            type: array
            items:
              type: object
              properties:
                trackedInputs:
                  type: array
                  items:
                    type: string
                excludedVulnTypes:
                  type: array
                  items:
                    type: integer
                # NOTE(review): no maximum declared; the server should cap
                # both values.
                depth:
                  type: object
                  properties:
                    maxFunctionDepth:
                      type: integer
                      example: 12
                    maxVariableTrack:
                      type: integer
                      example: 20
                customFilters:
                  type: array
                  items:
                    type: object
                    properties:
                      functionName:
                        type: string
                      filterId:
                        type: string
                customRules:
                  type: array
                  items:
                    type: object
                    properties:
                      functionName:
                        type: string
                      parameterCount:
                        type: integer
                      vulnParamIndex:
                        type: integer
                      vulnTypeIndex:
                        type: integer
                      description:
                        type: string

  # ALM item data: target project, item type and a comment, all free-form
  # strings.
  # NOTE(review): presumably forwarded to an external tracker; `comment`
  # should be treated as untrusted text on both sides — confirm.
  ALM:
    type: object
    properties:
      project:
        type: string
      itemType:
        type: string
      comment:
        type: string

  # A comment with a single free-text `body`.
  # NOTE(review): no maxLength is declared; the text is user supplied, so it
  # needs output encoding wherever it is rendered.
  Comment:
    type: object
    properties:
      body:
        type: string

  # Report export options: company, author, e-mail and description strings
  # plus a report `type` and `level`.
  # NOTE(review): `type` and `level` have no enum, so the accepted values are
  # not visible here. The free-text members presumably end up in the
  # generated report and should be encoded for its output format — confirm.
  ReportExport:
    type: object
    properties:
      company:
        type: string
      author:
        type: string
      email:
        type: string
      description:
        type: string
      type:
        type: string
      level:
        type: string

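  # Credentials pair: username and password.
  # NOTE(review): no `required` list is declared; the server must reject
  # requests that lack either member.
  UserAuth:
    type: object
    properties:
      username:
        type: string
      password:
        type: string
        # Tells Swagger UI and code generators to mask the value.
        format: password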

  # Authentication result: an access token, a refresh token, the token type,
  # and the username and role of the authenticated user.
  # NOTE(review): `token` and `refreshToken` are credentials; clients and
  # proxies should keep this response body out of logs.
  UserAuthResponse:
    type: object
    properties:
      # Presumably sent in the Authorization header declared under
      # securityDefinitions.Bearer — confirm.
      token:
        type: string
      refreshToken:
        type: string
      tokenType:
        type: string
      username:
        type: string
      # Integer role code; the meaning of the values is not described here.
      role:
        type: integer

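  # Data for a new user: login name, display name, password, role code and
  # group memberships.
  # NOTE(review): `role` is an integer without an enum or range. The server
  # should check that the caller may assign the requested role.
  UserCreate:
    type: object
    properties:
      # The example shows an e-mail address used as the username.
      username:
        type: string
        example: user@organization.com
      name:
        type: string
      password:
        type: string
        # Tells Swagger UI and code generators to mask the value.
        format: password
      role:
        type: integer
      groups:
        type: array
        items:
          type: object
          properties:
            id:
              type: string
            name:
              type: string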
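  # User account record.
  # NOTE(review): this schema carries `password` and `apiToken`. Where it is
  # used for responses, neither secret should be serialized back to clients;
  # a separate read model without them would be safer. Check the paths that
  # reference User.
  User:
    type: object
    properties:
      username:
        type: string
      name:
        type: string
      password:
        type: string
        # Tells Swagger UI and code generators to mask the value.
        format: password
      email:
        type: string
      # Integer role code; the meaning of the values is not described here.
      role:
        type: integer
      # Credential; presumably the value sent as X-Auth-Token (see
      # securityDefinitions.ApiKeyAuth) — confirm.
      apiToken:
        type: string
      createdTime:
        type: string
      integrated:
        type: boolean
      groups:
        type: array
        items:
          type: object
          properties:
            id:
              type: string
            name:
              type: string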
  # User group: name, description and its members as id/username pairs.
  Group:
    type: object
    properties:
      name:
        type: string
      description:
        type: string
      # Members are listed by id and username only.
      members:
        type: array
        items:
          type: object
          properties:
            id:
              type: string
            username:
              type: string
  # Data for a new user group: name and description. Members are not part of
  # this schema.
  UserGroupCreate:
    type: object
    properties:
      name:
        type: string
      description:
        type: string

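  # Jira integration settings: server address, authentication type and the
  # account credentials.
  # NOTE(review): `jiraServer` is a client-supplied address that the service
  # presumably connects to; restrict the allowed schemes and hosts
  # server-side. The stored password should never be returned by read
  # endpoints — confirm.
  JiraConfig:
    type: object
    properties:
      jiraServer:
        type: string
      # Accepted values are not enumerated in this file.
      authType:
        type: string
      username:
        type: string
      password:
        type: string
        # Tells Swagger UI and code generators to mask the value.
        format: password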

  # ALM trigger definition: name, description, target project, item type and
  # the condition that fires it.
  ALMTriggerConfig:
    type: object
    properties:
      name:
        type: string
      description:
        type: string
      projectName:
        type: string
      itemType:
        type: string
      # Each condition is a boolean plus an integer. Presumably the boolean
      # enables the check and the integer is its threshold — confirm.
      # NOTE(review): the integers have no minimum, so negative values pass
      # schema validation.
      condition:
        type: object
        properties:
          totalCount:
            type: boolean
          totalCountTrigger:
            type: integer
          highRiskCount:
            type: boolean
          highRiskCountTrigger:
            type: integer
          mediumRiskCount:
            type: boolean
          mediumRiskCountTrigger:
            type: integer
          lowRiskCount:
            type: boolean
          lowRiskCountTrigger:
            type: integer
          vulnTypeFound:
            type: boolean
          # Presumably a vulnerability type ID rather than a count — confirm.
          vulnTypeTrigger:
            type: integer

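  # TFS integration settings: server URL and access token.
  # NOTE(review): `serverUrl` is client supplied and presumably contacted by
  # the service; restrict the allowed schemes and hosts server-side. The
  # token should never be returned by read endpoints — confirm.
  TfsConfig:
    type: object
    properties:
      serverUrl:
        type: string
      accessToken:
        type: string
        # Secret value; tells Swagger UI and code generators to mask it.
        format: password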

  # Generic success envelope: `success` flag, message and a free-form
  # `result` object.
  Success:
    type: object
    properties:
      success:
        type: boolean
        example: true
      message:
        type: string
      # Untyped object; its members depend on the operation.
      result:
        type: object

  # Error envelope: `success` is false, `message` carries the text and
  # `result` is a string (example "error").
  # NOTE(review): `message` should stay free of stack traces, internal paths
  # and query text; log that detail server-side instead.
  Error:
    type: object
    properties:
      success:
        type: boolean
        example: false
      message:
        type: string
      result:
        type: string
        example: error

  # Success envelope whose `result` holds the id and name of an application.
  AppCreateSuccess:
    type: object
    properties:
      success:
        type: boolean
        example: true
      message:
        type: string
      # Same envelope as Success, with `result` typed as an id/name pair.
      result:
        type: object
        properties:
          id:
            type: string
          name:
            type: string