API Token
WhiteSource SAST® is fully API-enabled. Users can generate API tokens that will inherit permissions from the current user role. After a token is generated, follow the instructions provided in the API documentation to create scans, generate reports or perform other supported actions.
Creating a Token
In the DASHBOARD window, click SETTINGS in the menu bar on the left.
2. Click API TOKEN.
3. Click + GENERATE TOKEN.
4. Click the copy icon.
5. Download the latest (demo) production CLI from:
Linux - https://downloads-demo.whitesourcesoftware.com/sast-cli/linux/wscli
Windows - https://downloads-demo.whitesourcesoftware.com/sast-cli/windows/wscli.exe
6. Click the copy icon.6.
6. Configure your CLI by starting the wscli executable without command line parameters from the terminal of your choice. You will be prompted with an interactive setup.
7. Enter the Server URL and API Token.
8. You will be prompted with an optional advanced configuration, in which you can configure your scans.
9. After the configuration is completed, a wscli-config.json file will be created with all the set parameters inside.
Below is an example wscli-config.json file. All of these JSON parameters can also be specified as environment variables.
{
"connection": {
"token": "………………………………………………………………………",
"url": " ",
"organizationId": "……………………………………………………………",
"timeoutMin": 10,
"insecureSkipVerify": false
},
"proxy": {
"enabled": false,
"url": "",
"username": "",
"password": ""
},
"cachePath": "",
"scans": {
"engines": [],
"directory": "",
"application": "",
"template": "",
"submitFiles": true,
"submitLogs": true,
"snippetSize": 10,
"exclusions": [],
"incremental": false,
"uploadBaseline": false,
"threshold": {
"high": 0,
"medium": 0,
"low": 0,
"cwe": []
}
},
"reports": {
"generate": false,
"formats": [],
"filename": ""
},
"noColor": false,
"noProgress": false
}
Copyright © 2024 Mend.io (White Source Ltd.) | All rights reserved.