Acunetix Scanner API
Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.
The Acunetix Scanner API allows you to access and manage Scan Targets, Scans, Vulnerabilities, Reports and other resources within an Acunetix Vulnerability Scanner deployment in a simple, programmatic manner using conventional HTTP requests. The API's endpoints are intuitive and powerful, allowing you to easily retrieve information and execute actions.
Scan Targets will constitute the base for accessing any Scan-related resource such as Scans, Reports, Alerts and Crawl results. Therefore, upon deletion of a Scan Target, all associated resource will also be deleted with it.
Visit www.acunetix.com to learn more about Acunetix Vulnerability Scanner.
Authentication via API Key
All authentication requests made to the Acunetix Scanner API must include the X-Auth HTTP Header.
| Location | Header |
|---|---|
| Name | X-Auth |
| Value | [API Key] |
Email: support@acunetix.com
Web: https://www.acunetix.com/support
License: Acunetix Service Agreement
About the Base URL for all API endpoints
This document defines the Base URL as being https://127.0.0.1:3443/api/v1. However, you will need to change the URL depending on the ip address of your Acunetix machine if the API calls will be made from a different machine.
Specifically for Acunetix Online, the Base URL can be:
- https://online.acunetix.com/api/v1. if you are using online.acunetix.com
- https://app.invicti.com/api/v1. if you are using app.invicti.com
- https://app-eu.invciti.com/api/v1. if you are using app-eu.invicti.com
Base URLs:
Authentication
- API Key (scanner_authorization)
- Parameter Name: X-Auth, in: header. All authenticated requests made to the Acunetix Scanner API must include the
X-AuthHTTP header.
- Parameter Name: X-Auth, in: header. All authenticated requests made to the Acunetix Scanner API must include the
ChildUsers
get_users
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/users \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /users
Users
Returns a list of Users
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
Example responses
200 Response
{
"users": [
{
"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
"password": "string",
"email": "user@example.com",
"first_name": "string",
"last_name": "string",
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"user_groups": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"enabled": true,
"totp_enabled": true,
"locked": 0,
"invite_id": "7218104b-c64c-4f30-a184-1a1802b5c56b",
"invite_expired": true,
"expiration_date": "2019-08-24T14:15:22Z",
"sso_exemption": true
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | List of Users | ChildUserListResponse |
| default | Default | Error | ErrorDescriptionResponse |
add_user
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/users \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /users
User
Create User
Body parameter
{
"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
"password": "string",
"email": "user@example.com",
"first_name": "string",
"last_name": "string",
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"user_groups": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"enabled": true,
"invite_id": "7218104b-c64c-4f30-a184-1a1802b5c56b",
"invite_expired": true,
"expiration_date": "2019-08-24T14:15:22Z",
"sso_exemption": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| send_email | query | boolean | false | none |
| body | body | ChildUser | true | User to create |
Example responses
201 Response
{
"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
"password": "string",
"email": "user@example.com",
"first_name": "string",
"last_name": "string",
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"user_groups": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"enabled": true,
"totp_enabled": true,
"locked": 0,
"invite_id": "7218104b-c64c-4f30-a184-1a1802b5c56b",
"invite_expired": true,
"expiration_date": "2019-08-24T14:15:22Z",
"sso_exemption": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | User created | ChildUser |
| default | Default | Error | ErrorDescriptionResponse |
Response Headers
| Status | Header | Type | Format | Description |
|---|---|---|---|---|
| 201 | Location | string | url | User URI |
remove_users
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/users/delete \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /users/delete
Remove Users
Remove Users
Body parameter
{
"user_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ChildUserIdList | true | UserIdList to remove |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Users deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
enable_users
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/users/enable \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /users/enable
Enable Users
Enable Users
Body parameter
{
"user_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ChildUserIdList | true | UserIdList to enable |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Users enabled | None |
| default | Default | Error | ErrorDescriptionResponse |
disable_users
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/users/disable \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /users/disable
Disable Users
Disable Users
Body parameter
{
"user_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ChildUserIdList | true | UserIdList to disable |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Users disabled | None |
| default | Default | Error | ErrorDescriptionResponse |
get_user
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/users/{user_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /users/{user_id}
User
List User properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| user_id | path | string(uuid) | true | none |
Example responses
200 Response
{
"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
"password": "string",
"email": "user@example.com",
"first_name": "string",
"last_name": "string",
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"user_groups": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"enabled": true,
"totp_enabled": true,
"locked": 0,
"invite_id": "7218104b-c64c-4f30-a184-1a1802b5c56b",
"invite_expired": true,
"expiration_date": "2019-08-24T14:15:22Z",
"sso_exemption": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | User properties | ChildUser |
| default | Default | Error | ErrorDescriptionResponse |
remove_user
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/users/{user_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /users/{user_id}
User
Delete User
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| user_id | path | string(uuid) | true | none |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | User deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
update_user
Code samples
# You can also use wget
curl -X PATCH https://127.0.0.1:3443/api/v1/users/{user_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PATCH /users/{user_id}
User
Modify User
Body parameter
{
"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
"password": "string",
"email": "user@example.com",
"first_name": "string",
"last_name": "string",
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"user_groups": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"enabled": true,
"invite_id": "7218104b-c64c-4f30-a184-1a1802b5c56b",
"invite_expired": true,
"expiration_date": "2019-08-24T14:15:22Z",
"sso_exemption": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ChildUser | true | User to modify |
| user_id | path | string(uuid) | true | none |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | User modified | None |
| default | Default | Error | ErrorDescriptionResponse |
UserGroups
get_user_groups
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/user_groups \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /user_groups
User Groups
Returns a list of User Groups
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| extended | query | boolean | false | none |
Detailed descriptions
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
Example responses
200 Response
{
"user_groups": [
{
"user_group_id": "2f59988f-5729-4fad-ab6a-4676b83a0180",
"name": "string",
"description": "string",
"created": "2019-08-24",
"owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
"creator_id": "9cceffdd-8381-4074-8256-eafae24ebee6",
"user_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"stats": {
"user_count": 0
}
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | List of User Groups | UserGroupsList |
| default | Default | Error | ErrorDescriptionResponse |
create_user_group
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/user_groups \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /user_groups
User Groups
Create a new User Group
Body parameter
{
"name": "string",
"description": "string",
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"user_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | UserGroup | true | User Group to create |
Example responses
200 Response
{
"user_group_id": "2f59988f-5729-4fad-ab6a-4676b83a0180",
"name": "string",
"description": "string",
"created": "2019-08-24",
"owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
"creator_id": "9cceffdd-8381-4074-8256-eafae24ebee6",
"user_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"stats": {
"user_count": 0
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | User Group created | UserGroupDetails |
| default | Default | Error | ErrorDescriptionResponse |
get_user_group
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/user_groups/{user_group_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /user_groups/{user_group_id}
User Group
Returns a User Group
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| user_group_id | path | string(uuid) | true | The User Group ID which will be retrieved |
Example responses
200 Response
{
"user_group_id": "2f59988f-5729-4fad-ab6a-4676b83a0180",
"name": "string",
"description": "string",
"created": "2019-08-24",
"owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
"creator_id": "9cceffdd-8381-4074-8256-eafae24ebee6",
"user_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"stats": {
"user_count": 0
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | User Group | UserGroupDetails |
| default | Default | Error | ErrorDescriptionResponse |
update_user_group
Code samples
# You can also use wget
curl -X PATCH https://127.0.0.1:3443/api/v1/user_groups/{user_group_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PATCH /user_groups/{user_group_id}
User Group
Modify a User Group
Body parameter
{
"name": "string",
"description": "string",
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"user_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| user_group_id | path | string(uuid) | true | The User Group ID which will be updated |
| body | body | UserGroup | true | User Group to modify |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | User group modified | None |
| default | Default | Error | ErrorDescriptionResponse |
remove_user_group
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/user_groups/{user_group_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /user_groups/{user_group_id}
User Group
Delete a User Group
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| user_group_id | path | string(uuid) | true | The User Group ID which will be deleted |
| force_delete | query | boolean | false | Delete group connection to the users |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | User Group deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
add_users_to_user_group
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/user_groups/{user_group_id}/users \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /user_groups/{user_group_id}/users
Add Users to a User Group
Add Users to a User Group
Body parameter
{
"user_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| user_group_id | path | string(uuid) | true | The User Group ID to which the users will be added |
| body | body | ChildUserIdList | true | User IDs to add to the User Group |
Example responses
200 Response
{
"user_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"user_group_id": "2f59988f-5729-4fad-ab6a-4676b83a0180"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Users added to the User Group | UserToUserGroupDetails |
| default | Default | Error | ErrorDescriptionResponse |
remove_users_from_user_group
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/user_groups/{user_group_id}/users \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /user_groups/{user_group_id}/users
Remove Users from a User Group
Remove Users from a User Group
Body parameter
{
"user_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| user_group_id | path | string(uuid) | true | The User Group ID from which the users will be removed |
| body | body | ChildUserIdList | true | User IDs to remove from the User Group |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Users removed from User Group | None |
| default | Default | Error | ErrorDescriptionResponse |
get_user_group_role_mappings
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/user_groups/{user_group_id}/roles \
-H 'X-Auth: API_KEY'
GET /user_groups/{user_group_id}/roles
List all Role Mappings for the User Group
List all Role Mappings for the User Group
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| user_group_id | path | string(uuid) | true | The User Group ID for which the roles will be listed |
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| default | Default | Default response | None |
add_role_mappings_to_user_group
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/user_groups/{user_group_id}/roles \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /user_groups/{user_group_id}/roles
Add Role Mappings to a User Group
Add Role Mappings to a User Group
Body parameter
{
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| user_group_id | path | string(uuid) | true | The User Group ID to which the roles will be added |
| body | body | RoleMappingList | true | Role IDs to add to the User Group |
Example responses
200 Response
{
"user_group_id": "2f59988f-5729-4fad-ab6a-4676b83a0180",
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Roles added to the User Group | UserGroupRoleMappings |
| default | Default | Error | ErrorDescriptionResponse |
remove_role_mappings_from_user_group
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/user_groups/{user_group_id}/roles \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /user_groups/{user_group_id}/roles
Remove Role Mappings from a User Group
Remove Role Mappings from a User Group
Body parameter
{
"role_mapping_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| user_group_id | path | string(uuid) | true | The User Group ID from which the roles will be removed |
| body | body | RoleMappingIdList | true | Role Mapping IDs to remove from the User Group |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Roles removed from User Group | None |
| default | Default | Error | ErrorDescriptionResponse |
Roles
get_roles
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/roles \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /roles
Roles
Returns a list of Roles
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| extended | query | boolean | false | none |
Detailed descriptions
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
Example responses
200 Response
{
"roles": [
{
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"name": "string",
"description": "string",
"created_at": "2019-08-24",
"owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
"creator_id": "9cceffdd-8381-4074-8256-eafae24ebee6",
"permissions": [
"string"
],
"stats": {
"user_count": 0,
"group_count": 0,
"all_user_count": 0
}
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | List of Roles | RolesList |
| default | Default | Error | ErrorDescriptionResponse |
create_role
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/roles \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /roles
Roles
Create a new Role
Body parameter
{
"name": "string",
"description": "string",
"permissions": [
"string"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | Role | true | Role to create |
Example responses
200 Response
{
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"name": "string",
"description": "string",
"created_at": "2019-08-24",
"owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
"creator_id": "9cceffdd-8381-4074-8256-eafae24ebee6",
"permissions": [
"string"
],
"stats": {
"user_count": 0,
"group_count": 0,
"all_user_count": 0
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Role created | RoleDetails |
| default | Default | Error | ErrorDescriptionResponse |
get_permissions
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/roles/permissions \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /roles/permissions
Permissions
Returns a list of Permissions
Example responses
200 Response
{
"permissions": [
{
"category": "string",
"name": "string",
"description": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | List of Permissions | PermissionsList |
| default | Default | Error | ErrorDescriptionResponse |
get_role
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/roles/{role_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /roles/{role_id}
Role
Returns a Role
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| role_id | path | string(uuid) | true | none |
Example responses
200 Response
{
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"name": "string",
"description": "string",
"created_at": "2019-08-24",
"owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
"creator_id": "9cceffdd-8381-4074-8256-eafae24ebee6",
"permissions": [
"string"
],
"stats": {
"user_count": 0,
"group_count": 0,
"all_user_count": 0
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Role | RoleDetails |
| default | Default | Error | ErrorDescriptionResponse |
update_role
Code samples
# You can also use wget
curl -X PATCH https://127.0.0.1:3443/api/v1/roles/{role_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PATCH /roles/{role_id}
Role
Modify a Role
Body parameter
{
"name": "string",
"description": "string",
"permissions": [
"string"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| role_id | path | string(uuid) | true | none |
| body | body | Role | true | Role to modify |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Role modified | None |
| default | Default | Error | ErrorDescriptionResponse |
remove_role
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/roles/{role_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /roles/{role_id}
Role
Delete a Role
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| role_id | path | string(uuid) | true | none |
| force_delete | query | boolean | false | none |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Role deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
Agents
get_registration_token
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/config/agents/registration_token \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /config/agents/registration_token
Registration Token
Returns a Registration Token
Example responses
200 Response
{
"token": "b5507016-7da2-4777-a161-1e8042a6a377",
"description": "string",
"created": "2019-08-24T14:15:22Z"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Registration Token | AgentRegistrationToken |
| default | Default | Error | ErrorDescriptionResponse |
remove_registration_token
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/config/agents/registration_token \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /config/agents/registration_token
Registration Token
Delete a Registration Token
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Registration Token deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
generate_registration_token
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/config/agents/registration_token \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /config/agents/registration_token
Generate or regenerate Token
Body parameter
{
"description": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | NewAgentRegistrationToken | true | New Agent request |
Example responses
200 Response
{
"token": "b5507016-7da2-4777-a161-1e8042a6a377",
"description": "string",
"created": "2019-08-24T14:15:22Z"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Registration Token | AgentRegistrationToken |
| default | Default | Error | ErrorDescriptionResponse |
ExcludedHours
get_excluded_hours_profiles
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/excluded_hours_profiles \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /excluded_hours_profiles
Excluded Hours Profiles
Returns a list of Excluded Hours Profiles
Example responses
200 Response
{
"values": [
{
"name": "string",
"excluded_hours_id": "dc657425-7a6b-4b12-aa82-c43507e719f5",
"time_offset": 0,
"exclusion_matrix": [
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true
]
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | List of Excluded Hours Profiles | ExcludedHoursProfilesList |
| default | Default | Error | ErrorDescriptionResponse |
create_excluded_hours_profile
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/excluded_hours_profiles \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /excluded_hours_profiles
Create Excluded Hours Profile
Creates a new Excluded Hours Profile
Body parameter
{
"name": "string",
"excluded_hours_id": "dc657425-7a6b-4b12-aa82-c43507e719f5",
"time_offset": 0,
"exclusion_matrix": [
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ExcludedHoursProfile | true | none |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Excluded Hours Profile created | None |
| default | Default | Error | ErrorDescriptionResponse |
get_excluded_hours_profile
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/excluded_hours_profiles/{excluded_hours_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /excluded_hours_profiles/{excluded_hours_id}
Excluded Hours Profile
Returns a list of Excluded Hours Profile properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| excluded_hours_id | path | string(uuid) | true | Excluded Hours Profile unique identifier |
Example responses
200 Response
{
"name": "string",
"excluded_hours_id": "dc657425-7a6b-4b12-aa82-c43507e719f5",
"time_offset": 0,
"exclusion_matrix": [
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Excluded Hours Profile properties | ExcludedHoursProfile |
| default | Default | Error | ErrorDescriptionResponse |
modify_excluded_hours_profile
Code samples
# You can also use wget
curl -X PATCH https://127.0.0.1:3443/api/v1/excluded_hours_profiles/{excluded_hours_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PATCH /excluded_hours_profiles/{excluded_hours_id}
Excluded Hours Profile
Modifies an Excluded Hours Profile
Body parameter
{
"name": "string",
"excluded_hours_id": "dc657425-7a6b-4b12-aa82-c43507e719f5",
"time_offset": 0,
"exclusion_matrix": [
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ExcludedHoursProfile | true | none |
| excluded_hours_id | path | string(uuid) | true | Excluded Hours Profile unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 203 | Non-Authoritative Information | Excluded Hours Profile modified | None |
| default | Default | Error | ErrorDescriptionResponse |
remove_excluded_hours_profile
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/excluded_hours_profiles/{excluded_hours_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /excluded_hours_profiles/{excluded_hours_id}
Excluded Hours Profile
Deletes an Excluded Hours Profile
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| excluded_hours_id | path | string(uuid) | true | Excluded Hours Profile unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Excluded Hours Profile deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
IssueTrackers
check_connection
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/issue_trackers/check_connection \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /issue_trackers/check_connection
Issue Tracker check connection
Tests the connection to an Issue Tracker
Body parameter
{
"platform": "github",
"url": "string",
"collection": {
"collection_name": "string"
},
"project": {
"project_id": "string",
"project_name": "string",
"project_key": "string"
},
"issue_type": {
"issue_id": "string",
"issue_name": "string"
},
"auth": {
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
},
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"access_from_any_groups": true,
"groups_access": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tags": [
"string"
],
"labels": [
"string"
],
"custom_fields": [
{
"id": "string",
"value": "string",
"name": "string"
}
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | IssueTrackerConfig | true | Issue Tracker configuration |
Example responses
200 Response
{
"success": true,
"message": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Tracker connection status | IssueTrackerConnectionStatus |
| default | Default | Error | ErrorDescriptionResponse |
check_projects
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/issue_trackers/check_projects \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /issue_trackers/check_projects
Issue Tracker Projects
Requests an Issue Tracker's Projects
Body parameter
{
"platform": "github",
"url": "string",
"collection": {
"collection_name": "string"
},
"project": {
"project_id": "string",
"project_name": "string",
"project_key": "string"
},
"issue_type": {
"issue_id": "string",
"issue_name": "string"
},
"auth": {
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
},
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"access_from_any_groups": true,
"groups_access": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tags": [
"string"
],
"labels": [
"string"
],
"custom_fields": [
{
"id": "string",
"value": "string",
"name": "string"
}
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | IssueTrackerConfig | true | Issue Tracker configuration |
Example responses
200 Response
{
"projects": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Tracker Projects | IssueTrackerProjects |
| default | Default | Error | ErrorDescriptionResponse |
check_issue_types
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/issue_trackers/check_issue_types \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /issue_trackers/check_issue_types
Issue Tracker Issue Types
Requests Issue Types of an Issue Tracker Project
Body parameter
{
"platform": "github",
"url": "string",
"collection": {
"collection_name": "string"
},
"project": {
"project_id": "string",
"project_name": "string",
"project_key": "string"
},
"issue_type": {
"issue_id": "string",
"issue_name": "string"
},
"auth": {
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
},
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"access_from_any_groups": true,
"groups_access": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tags": [
"string"
],
"labels": [
"string"
],
"custom_fields": [
{
"id": "string",
"value": "string",
"name": "string"
}
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | IssueTrackerConfig | true | Issue Tracker configuration |
Example responses
200 Response
{
"issue_types": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Tracker Project Issue Types | IssueTrackerIssueTypes |
| default | Default | Issue Tracker error | ErrorDescriptionResponse |
get_collections
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/issue_trackers/collections \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /issue_trackers/collections
Issue Tracker get collections
Get a list of TFS collections
Body parameter
{
"platform": "github",
"url": "string",
"collection": {
"collection_name": "string"
},
"project": {
"project_id": "string",
"project_name": "string",
"project_key": "string"
},
"issue_type": {
"issue_id": "string",
"issue_name": "string"
},
"auth": {
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
},
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"access_from_any_groups": true,
"groups_access": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tags": [
"string"
],
"labels": [
"string"
],
"custom_fields": [
{
"id": "string",
"value": "string",
"name": "string"
}
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | IssueTrackerConfig | true | Issue Tracker configuration |
Example responses
200 Response
{
"collections": [
{
"collection_name": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Tracker connection status | IssueTrackerCollections |
| default | Default | Error | ErrorDescriptionResponse |
get_custom_fields
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/issue_trackers/custom_fields \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /issue_trackers/custom_fields
Issue Tracker get a list of custom fields
Get a list of custom fields
Body parameter
{
"platform": "github",
"url": "string",
"collection": {
"collection_name": "string"
},
"project": {
"project_id": "string",
"project_name": "string",
"project_key": "string"
},
"issue_type": {
"issue_id": "string",
"issue_name": "string"
},
"auth": {
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
},
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"access_from_any_groups": true,
"groups_access": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tags": [
"string"
],
"labels": [
"string"
],
"custom_fields": [
{
"id": "string",
"value": "string",
"name": "string"
}
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | IssueTrackerConfig | true | Issue Tracker configuration |
Example responses
200 Response
{
"custom_fields": [
{
"custom_field_name": "string",
"custom_field_id": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Tracker connection status | IssueTrackerCustomFields |
| default | Default | Error | ErrorDescriptionResponse |
get_issue_trackers
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/issue_trackers \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /issue_trackers
Issue Trackers
Returns a list of Issue Trackers
Example responses
200 Response
{
"issue_trackers": [
{
"platform": "github",
"url": "string",
"collection": {
"collection_name": "string"
},
"project": {
"project_id": "string",
"project_name": "string",
"project_key": "string"
},
"issue_type": {
"issue_id": "string",
"issue_name": "string"
},
"auth": {
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
},
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"access_from_any_groups": true,
"groups_access": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tags": [
"string"
],
"labels": [
"string"
],
"custom_fields": [
{
"id": "string",
"value": "string",
"name": "string"
}
],
"issue_tracker_id": "a9056f4a-c5f7-4843-a8df-4988763cb8a4",
"name": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Trackers list | IssueTrackerList |
| default | Default | Error | ErrorDescriptionResponse |
create_issue_tracker_entry
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/issue_trackers \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /issue_trackers
Create Issue Tracker
Creates a new Issue Tracker
Body parameter
{
"platform": "github",
"url": "string",
"collection": {
"collection_name": "string"
},
"project": {
"project_id": "string",
"project_name": "string",
"project_key": "string"
},
"issue_type": {
"issue_id": "string",
"issue_name": "string"
},
"auth": {
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
},
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"access_from_any_groups": true,
"groups_access": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tags": [
"string"
],
"labels": [
"string"
],
"custom_fields": [
{
"id": "string",
"value": "string",
"name": "string"
}
],
"issue_tracker_id": "a9056f4a-c5f7-4843-a8df-4988763cb8a4",
"name": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | IssueTrackerEntry | true | Issue Tracker configuration |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Issue Tracker created | None |
| default | Default | Error | ErrorDescriptionResponse |
get_issue_tracker_entry
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/issue_trackers/{issue_tracker_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /issue_trackers/{issue_tracker_id}
Issue Tracker details
Returns a list of Issue Tracker properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| issue_tracker_id | path | string(uuid) | true | Issue tracker unique identifier |
Example responses
200 Response
{
"platform": "github",
"url": "string",
"collection": {
"collection_name": "string"
},
"project": {
"project_id": "string",
"project_name": "string",
"project_key": "string"
},
"issue_type": {
"issue_id": "string",
"issue_name": "string"
},
"auth": {
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
},
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"access_from_any_groups": true,
"groups_access": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tags": [
"string"
],
"labels": [
"string"
],
"custom_fields": [
{
"id": "string",
"value": "string",
"name": "string"
}
],
"issue_tracker_id": "a9056f4a-c5f7-4843-a8df-4988763cb8a4",
"name": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Tracker properties | IssueTrackerEntry |
| default | Default | Error | ErrorDescriptionResponse |
delete_issue_tracker_entry
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/issue_trackers/{issue_tracker_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /issue_trackers/{issue_tracker_id}
Delete Issue Tracker entry
Deletes an Issue Tracker
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| issue_tracker_id | path | string(uuid) | true | Issue tracker unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Issue Tracker deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
update_issue_tracker_entry
Code samples
# You can also use wget
curl -X PATCH https://127.0.0.1:3443/api/v1/issue_trackers/{issue_tracker_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PATCH /issue_trackers/{issue_tracker_id}
Issue Tracker
Modifies an Issue Tracker
Body parameter
{
"platform": "github",
"url": "string",
"collection": {
"collection_name": "string"
},
"project": {
"project_id": "string",
"project_name": "string",
"project_key": "string"
},
"issue_type": {
"issue_id": "string",
"issue_name": "string"
},
"auth": {
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
},
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"access_from_any_groups": true,
"groups_access": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tags": [
"string"
],
"labels": [
"string"
],
"custom_fields": [
{
"id": "string",
"value": "string",
"name": "string"
}
],
"issue_tracker_id": "a9056f4a-c5f7-4843-a8df-4988763cb8a4",
"name": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | IssueTrackerEntry | true | Issue Tracker configuration |
| issue_tracker_id | path | string(uuid) | true | Issue tracker unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Issue Tracker modified | None |
| default | Default | Error | ErrorDescriptionResponse |
issue_tracker_entry_check_connection
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/issue_trackers/{issue_tracker_id}/check_connection \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /issue_trackers/{issue_tracker_id}/check_connection
Issue Tracker details
Returns a list of Issue Tracker properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| issue_tracker_id | path | string(uuid) | true | Issue tracker unique identifier |
Example responses
200 Response
{
"success": true,
"message": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Tracker connection status | IssueTrackerConnectionStatus |
| default | Default | Error | ErrorDescriptionResponse |
issue_tracker_entry_get_collections
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/issue_trackers/{issue_tracker_id}/collections \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /issue_trackers/{issue_tracker_id}/collections
Issue Tracker Collections (TFS)
Requests an Issue Tracker's Collections
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| issue_tracker_id | path | string(uuid) | true | Issue tracker unique identifier |
Example responses
200 Response
{
"collections": [
{
"collection_name": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Tracker Collections | IssueTrackerCollections |
| default | Default | Error | ErrorDescriptionResponse |
issue_tracker_entry_get_custom_fields
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/issue_trackers/{issue_tracker_id}/custom_fields \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /issue_trackers/{issue_tracker_id}/custom_fields
Issue Tracker Custom Fields
Requests an Issue Tracker's Custom fields
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| issue_tracker_id | path | string(uuid) | true | Issue tracker unique identifier |
Example responses
200 Response
{
"custom_fields": [
{
"custom_field_name": "string",
"custom_field_id": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Tracker Custom Fields | IssueTrackerCustomFields |
| default | Default | Error | ErrorDescriptionResponse |
issue_tracker_entry_get_projects
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/issue_trackers/{issue_tracker_id}/projects \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /issue_trackers/{issue_tracker_id}/projects
Issue Tracker Projects
Requests an Issue Tracker's Projects
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| issue_tracker_id | path | string(uuid) | true | Issue tracker unique identifier |
Example responses
200 Response
{
"projects": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Tracker Projects | IssueTrackerProjects |
| default | Default | Error | ErrorDescriptionResponse |
issue_tracker_entry_get_issue_types_by_project_id
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/issue_trackers/{issue_tracker_id}/projects/{project_id}/issue_types \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /issue_trackers/{issue_tracker_id}/projects/{project_id}/issue_types
Issue Tracker Projects
Requests an Issue Tracker's Projects
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| issue_tracker_id | path | string(uuid) | true | Issue tracker unique identifier |
| project_id | path | string | true | The id of the issue tracker project |
Example responses
200 Response
{
"projects": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Tracker Projects | IssueTrackerProjects |
| default | Default | Error | ErrorDescriptionResponse |
issue_tracker_entry_get_issue_types
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/issue_trackers/{issue_tracker_id}/projects/issue_types?project_id=string \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /issue_trackers/{issue_tracker_id}/projects/issue_types
Issue Tracker Projects
Requests an Issue Tracker's Projects
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| issue_tracker_id | path | string(uuid) | true | Issue tracker unique identifier |
| project_id | query | string | true | The id of the issue tracker project |
Example responses
200 Response
{
"projects": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Issue Tracker Projects | IssueTrackerProjects |
| default | Default | Error | ErrorDescriptionResponse |
Reports
get_report_templates
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/report_templates \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /report_templates
Report Templates
Returns a list of Report Templates
Example responses
200 Response
{
"templates": [
{
"name": "string",
"group": "string",
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"accepted_sources": [
"ignore_entry"
]
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Report Templates list | ReportTemplateList |
| default | Default | Error | ErrorDescriptionResponse |
get_reports
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/reports \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /reports
Reports
Returns a list of Reports. The returned list will be paginated if the number of elements exceeds 100
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
Example responses
200 Response
{
"reports": [
{
"report_id": "5ed7905a-4735-4cf7-b1ab-521e066fb971",
"source": {
"description": "string",
"list_type": "all_vulnerabilities",
"id_list": [
"string"
]
},
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"template_name": "string",
"template_type": 0,
"generation_date": "2019-08-24T14:15:22Z",
"status": "string",
"download": [
"string"
]
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Reports list | ReportListResponse |
| default | Default | Error | ErrorDescriptionResponse |
generate_new_report
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/reports \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /reports
Reports
Generates a Report
Body parameter
{
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"source": {
"description": "string",
"list_type": "all_vulnerabilities",
"id_list": [
"string"
]
}
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | NewReport | true | none |
Example responses
201 Response
{
"report_id": "5ed7905a-4735-4cf7-b1ab-521e066fb971",
"source": {
"description": "string",
"list_type": "all_vulnerabilities",
"id_list": [
"string"
]
},
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"template_name": "string",
"template_type": 0,
"generation_date": "2019-08-24T14:15:22Z",
"status": "string",
"download": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Report generated | Report |
| default | Default | Error | ErrorDescriptionResponse |
Response Headers
| Status | Header | Type | Format | Description |
|---|---|---|---|---|
| 201 | Location | string | url | Report URL |
remove_reports
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/reports/delete \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /reports/delete
Delete reports
Delete reports
Body parameter
{
"report_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ReportIdList | true | none |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Deleted Reports | None |
| default | Default | Error | ErrorDescriptionResponse |
get_report
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/reports/{report_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /reports/{report_id}
Report
Returns a list of a Report's properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| report_id | path | string(uuid) | true | Report unique identifier |
Example responses
200 Response
{
"report_id": "5ed7905a-4735-4cf7-b1ab-521e066fb971",
"source": {
"description": "string",
"list_type": "all_vulnerabilities",
"id_list": [
"string"
]
},
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"template_name": "string",
"template_type": 0,
"generation_date": "2019-08-24T14:15:22Z",
"status": "string",
"download": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Report properties | Report |
| default | Default | Error | ErrorDescriptionResponse |
remove_report
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/reports/{report_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /reports/{report_id}
Report
Deletes a Report
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| report_id | path | string(uuid) | true | Report unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Report deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
repeat_report
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/reports/{report_id}/repeat \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /reports/{report_id}/repeat
Re-generate Report
Re-generates a Report
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| report_id | path | string(uuid) | true | Report unique identifier |
Example responses
201 Response
{
"report_id": "5ed7905a-4735-4cf7-b1ab-521e066fb971",
"source": {
"description": "string",
"list_type": "all_vulnerabilities",
"id_list": [
"string"
]
},
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"template_name": "string",
"template_type": 0,
"generation_date": "2019-08-24T14:15:22Z",
"status": "string",
"download": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Report re-generated | Report |
| default | Default | Error | ErrorDescriptionResponse |
Response Headers
| Status | Header | Type | Format | Description |
|---|---|---|---|---|
| 201 | Location | string | url | Re-generated Report URI |
download_report
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/reports/download/{descriptor} \
-H 'Accept: application/json'
GET /reports/download/{descriptor}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| descriptor | path | string | true | none |
Example responses
200 Response
"string"
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | The report file | string |
get_export_types
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/export_types \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /export_types
Export Types
Returns a list of Export Types
Example responses
200 Response
{
"templates": [
{
"name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"content_type": "string",
"accepted_sources": [
"all_vulnerabilities"
],
"export_id": "a9a55f8d-48b1-4a5b-a88e-c41b0cd75102",
"upload": true
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Export Types list | ExportTypesList |
export
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/exports \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /exports
Export
Exports one or more Export Sources
Body parameter
{
"export_id": "a9a55f8d-48b1-4a5b-a88e-c41b0cd75102",
"source": {
"list_type": "all_vulnerabilities",
"id_list": [
"string"
],
"waf_id": "dafe8a13-3639-429c-8247-c6f23cadf413",
"waf_name": "string"
}
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | NewExport | true | none |
Example responses
201 Response
{
"report_id": "5ed7905a-4735-4cf7-b1ab-521e066fb971",
"source": {
"list_type": "all_vulnerabilities",
"id_list": [
"string"
],
"waf_id": "dafe8a13-3639-429c-8247-c6f23cadf413",
"waf_name": "string"
},
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"template_name": "string",
"template_type": 0,
"generation_date": "2019-08-24T14:15:22Z",
"status": "string",
"download": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Export properties | Export |
| 409 | Conflict | Export Source cannot be used with specified Export Type | ErrorDescriptionResponse |
| default | Default | Error | ErrorDescriptionResponse |
Response Headers
| Status | Header | Type | Format | Description |
|---|---|---|---|---|
| 201 | Location | string | url | Exported Source URI |
get_export
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/exports/{export_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /exports/{export_id}
Export
Returns a ist of an Export's properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| export_id | path | string(uuid) | true | Export unique identifier |
Example responses
200 Response
{
"report_id": "5ed7905a-4735-4cf7-b1ab-521e066fb971",
"source": {
"list_type": "all_vulnerabilities",
"id_list": [
"string"
],
"waf_id": "dafe8a13-3639-429c-8247-c6f23cadf413",
"waf_name": "string"
},
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"template_name": "string",
"template_type": 0,
"generation_date": "2019-08-24T14:15:22Z",
"status": "string",
"download": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Export properties | Export |
| default | Default | Error | ErrorDescriptionResponse |
remove_export
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/exports/{export_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /exports/{export_id}
Export
Deletes an Export
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| export_id | path | string(uuid) | true | Export unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Deleted Export | None |
| default | Default | Error | ErrorDescriptionResponse |
remove_exports
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/exports/delete \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /exports/delete
Delete reports
Delete reports
Body parameter
{
"report_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ReportIdList | true | none |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Deleted Exports | None |
| default | Default | Error | ErrorDescriptionResponse |
Results
get_scan_result
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/results/{result_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /results/{result_id}
Scan Result
Returns a list of properties for a Scan Result
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| result_id | path | string(uuid) | true | Scan result unique identifier |
Example responses
200 Response
{
"scan_id": "9a59f0f5-5572-476d-a7fc-c960ef43a5af",
"result_id": "cd1ea384-5045-47f3-9678-d1fc6f8c8581",
"start_date": "2019-08-24T14:15:22Z",
"end_date": "2019-08-24T14:15:22Z",
"status": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Scan Result | ScanResultItem |
| default | Default | Error | ErrorDescriptionResponse |
get_scan_vulnerabilities
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/vulnerabilities \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans/{scan_id}/results/{result_id}/vulnerabilities
Scan Result Vulnerabilities
Returns a list of Vulnerabilities found during a Scan
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
| scan_id | path | string(uuid) | true | Scan unique identifier |
| result_id | path | string(uuid) | true | Scan result unique identifier |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
Example responses
200 Response
{
"vulnerabilities": [
{
"status": "fixed",
"comment": "string",
"target_description": "string",
"vuln_id": "string",
"target_vuln_id": "string",
"issue_id": "string",
"issue_tracker_id": "string",
"issue_url": "string",
"vt_name": "string",
"criticality": 0,
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"affects_detail": "string",
"affects_url": "string",
"source": "string",
"loc_id": 0,
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"first_seen": "2019-08-24",
"last_seen": "2019-08-24",
"severity": 0,
"tags": [
"string"
],
"continuous": true,
"confidence": 0,
"vt_created": "string",
"vt_updated": "string",
"app": "string",
"archived": true
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Vulnerabilities list | VulnerabilityListResponse |
| default | Default | Error | ErrorDescriptionResponse |
get_scan_vulnerability_detail_from_vuln_id
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scan_vulnerabilities/{vuln_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scan_vulnerabilities/{vuln_id}
Scan Result Vulnerability
Returns a Vulnerability's details without requiring scan_id and result_id
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| vuln_id | path | string | true | Vulnerability unique identifier |
Example responses
200 Response
{
"status": "fixed",
"comment": "string",
"target_description": "string",
"vuln_id": "string",
"target_vuln_id": "string",
"issue_id": "string",
"issue_tracker_id": "string",
"issue_url": "string",
"vt_name": "string",
"criticality": 0,
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"affects_detail": "string",
"affects_url": "string",
"source": "string",
"loc_id": 0,
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"first_seen": "2019-08-24",
"last_seen": "2019-08-24",
"severity": 0,
"tags": [
"string"
],
"continuous": true,
"confidence": 0,
"vt_created": "string",
"vt_updated": "string",
"app": "string",
"archived": true,
"description": "string",
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"cvss_score": 0,
"cvss4_score": 0,
"impact": "string",
"recommendation": "string",
"long_description": "string",
"references": [
{
"rel": "string",
"href": "string"
}
],
"details": "string",
"request": "string",
"response_info": "string",
"highlights": [
{
"index": 0,
"length": 0,
"in": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Vulnerability details | VulnerabilityDetails |
| default | Default | Error | ErrorDescriptionResponse |
get_scan_vulnerability_detail
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/vulnerabilities/{vuln_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans/{scan_id}/results/{result_id}/vulnerabilities/{vuln_id}
Scan Result Vulnerability
Returns a Vulnerability's details
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| result_id | path | string(uuid) | true | Scan result unique identifier |
| scan_id | path | string(uuid) | true | Scan unique identifier |
| vuln_id | path | string | true | Vulnerability unique identifier |
Example responses
200 Response
{
"status": "fixed",
"comment": "string",
"target_description": "string",
"vuln_id": "string",
"target_vuln_id": "string",
"issue_id": "string",
"issue_tracker_id": "string",
"issue_url": "string",
"vt_name": "string",
"criticality": 0,
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"affects_detail": "string",
"affects_url": "string",
"source": "string",
"loc_id": 0,
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"first_seen": "2019-08-24",
"last_seen": "2019-08-24",
"severity": 0,
"tags": [
"string"
],
"continuous": true,
"confidence": 0,
"vt_created": "string",
"vt_updated": "string",
"app": "string",
"archived": true,
"description": "string",
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"cvss_score": 0,
"cvss4_score": 0,
"impact": "string",
"recommendation": "string",
"long_description": "string",
"references": [
{
"rel": "string",
"href": "string"
}
],
"details": "string",
"request": "string",
"response_info": "string",
"highlights": [
{
"index": 0,
"length": 0,
"in": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Vulnerability details | VulnerabilityDetails |
| default | Default | Error | ErrorDescriptionResponse |
get_scan_session_vulnerability_http_response
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/vulnerabilities/{vuln_id}/http_response \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans/{scan_id}/results/{result_id}/vulnerabilities/{vuln_id}/http_response
Vulnerability
Returns a list of Vulnerability details
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| result_id | path | string(uuid) | true | Scan result unique identifier |
| scan_id | path | string(uuid) | true | Scan unique identifier |
| vuln_id | path | string | true | Vulnerability unique identifier |
Example responses
200 Response
"string"
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | File containing the HTTP response | string |
| default | Default | Error | ErrorDescriptionResponse |
set_scan_session_vulnerability_status
Code samples
# You can also use wget
curl -X PUT https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/vulnerabilities/{vuln_id}/status \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PUT /scans/{scan_id}/results/{result_id}/vulnerabilities/{vuln_id}/status
Vulnerability status
Updates the status of a Vulnerability
Body parameter
{
"status": "fixed",
"comment": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | VulnerabilityStatus | true | Vulnerability status |
| result_id | path | string(uuid) | true | Scan result unique identifier |
| scan_id | path | string(uuid) | true | Scan unique identifier |
| vuln_id | path | string | true | Vulnerability unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Vulnerability status updated | None |
| default | Default | Error | ErrorDescriptionResponse |
recheck_scan_session_vulnerability
Code samples
# You can also use wget
curl -X PUT https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/vulnerabilities/{vuln_id}/recheck \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PUT /scans/{scan_id}/results/{result_id}/vulnerabilities/{vuln_id}/recheck
Re-check Vulnerability
Re-checks a Vulnerability
Body parameter
{
"ui_session_id": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | VulnerabilityRecheck | true | none |
| result_id | path | string(uuid) | true | Scan result unique identifier |
| scan_id | path | string(uuid) | true | Scan unique identifier |
| vuln_id | path | string | true | Vulnerability unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Re-check Scan scheduled | None |
| default | Default | Error | ErrorDescriptionResponse |
Response Headers
| Status | Header | Type | Format | Description |
|---|---|---|---|---|
| 201 | Location | string | url | Scan URI |
recheck_scan_session_vulnerabilities
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/vulnerabilities/recheck \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /scans/{scan_id}/results/{result_id}/vulnerabilities/recheck
Re-check Vulnerabilities
Re-checks a list of Vulnerabilities
Body parameter
{
"vuln_id_list": [
"string"
],
"ui_session_id": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | VulnerabilitiesRecheck | true | none |
| result_id | path | string(uuid) | true | Scan result unique identifier |
| scan_id | path | string(uuid) | true | Scan unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Re-check Scan/s scheduled | None |
| default | Default | Error | ErrorDescriptionResponse |
get_scan_vulnerability_types
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/vulnerability_types \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans/{scan_id}/results/{result_id}/vulnerability_types
Scan Result Vulnerability Types
Returns Vulnerability Types found during a Scan
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
| result_id | path | string(uuid) | true | Scan result unique identifier |
| scan_id | path | string(uuid) | true | Scan unique identifier |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
Example responses
200 Response
{
"vulnerability_types": [
{
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"name": "string",
"severity": 0,
"tags": [
"string"
],
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"app": "string",
"count": 0
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Vulnerability Types list | VulnerabilityTypeSessionsCountResponse |
| default | Default | Error | ErrorDescriptionResponse |
get_scan_technologies
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/technologies \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans/{scan_id}/results/{result_id}/technologies
Scan Result Technologies Found
Returns Technologies found during a Scan
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| s | query | string | false | none |
| result_id | path | string(uuid) | true | Scan result unique identifier |
| scan_id | path | string(uuid) | true | Scan unique identifier |
Detailed descriptions
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
Example responses
200 Response
{
"technologies": [
{
"tech_id": "string",
"name": "string",
"description": "string",
"type": "string",
"link": "string",
"outdated": true,
"loc_id": 0,
"loc_url": "string",
"detected_version": {
"start": "string",
"end": "string",
"cvss_score": 0
},
"branch_upgrade": {
"version": "string",
"cvss_score": 0
},
"upgrade": {
"version": "string",
"cvss_score": 0
}
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Technologies list | TechnologiesListResponse |
| default | Default | Error | ErrorDescriptionResponse |
get_scan_technology_vulnerabilities
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/technologies/{tech_id}/vulnerabilities \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/technologies/{tech_id}/vulnerabilities
Technology Vulnerabilities For This Target
Returns Vulnerabilities found during a Scan for a specific Technology
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
| target_id | path | string(uuid) | true | Target unique identifier |
| tech_id | path | string | true | Technology identifier |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
Example responses
200 Response
{
"vulnerabilities": [
{
"status": "fixed",
"comment": "string",
"target_description": "string",
"vuln_id": "string",
"target_vuln_id": "string",
"issue_id": "string",
"issue_tracker_id": "string",
"issue_url": "string",
"vt_name": "string",
"criticality": 0,
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"affects_detail": "string",
"affects_url": "string",
"source": "string",
"loc_id": 0,
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"first_seen": "2019-08-24",
"last_seen": "2019-08-24",
"severity": 0,
"tags": [
"string"
],
"continuous": true,
"confidence": 0,
"vt_created": "string",
"vt_updated": "string",
"app": "string",
"archived": true
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Vulnerabilities list | VulnerabilityListResponse |
| default | Default | Error | ErrorDescriptionResponse |
search_crawl_data
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/crawldata \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans/{scan_id}/results/{result_id}/crawldata
Scan Result Crawl Data
Search Crawl Data of a Scan
The response will return a Location header with a URI in the format of /scans/{scan_id}/results/{result_id}/crawldata/{loc_id}/children. If no search query (q) parameter is passed, the response will return the URI of the Crawl Root
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
| result_id | path | string(uuid) | true | Scan result unique identifier |
| scan_id | path | string(uuid) | true | Scan unique identifier |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
Example responses
200 Response
{
"locations": [
{
"loc_id": 0,
"name": "string",
"path": "string",
"loc_type": "file",
"source_id": 0,
"parent_id": 0,
"tags": "string",
"fragments": "string",
"excluded": true
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Locations list | CrawlLocationListResponse |
| 302 | Found | Crawl Root URI | None |
| default | Default | Error | ErrorDescriptionResponse |
Response Headers
| Status | Header | Type | Format | Description |
|---|---|---|---|---|
| 302 | Location | string | url | Crawl location URI |
get_location_details
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/crawldata/{loc_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans/{scan_id}/results/{result_id}/crawldata/{loc_id}
Scan Result Crawl Data Location
Returns a list of Crawl Data Location properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| result_id | path | string(uuid) | true | Scan result unique identifier |
| scan_id | path | string(uuid) | true | Scan unique identifier |
| loc_id | path | integer(int32) | true | Location identifier from the crawl data. Can be 0, in which case the crawl data root is referenced |
Detailed descriptions
loc_id: Location identifier from the crawl data. Can be 0, in which case the crawl data root is referenced
Example responses
200 Response
{
"loc_id": 0,
"parent_id": 0,
"source_id": 0,
"url": "string",
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"threat": 0
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Location properties | CrawlLocationDetails |
| default | Default | Error | ErrorDescriptionResponse |
get_location_children
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/crawldata/{loc_id}/children \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans/{scan_id}/results/{result_id}/crawldata/{loc_id}/children
Scan Result Crawl Data Location Children
Returns a list of Children of the Location identified by loc_id
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| s | query | string | false | none |
| result_id | path | string(uuid) | true | Scan result unique identifier |
| scan_id | path | string(uuid) | true | Scan unique identifier |
| loc_id | path | integer(int32) | true | Location identifier from the crawl data. Can be 0, in which case the crawl data root is referenced |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
loc_id: Location identifier from the crawl data. Can be 0, in which case the crawl data root is referenced
Example responses
200 Response
{
"locations": [
{
"loc_id": 0,
"name": "string",
"path": "string",
"loc_type": "file",
"source_id": 0,
"parent_id": 0,
"tags": "string",
"fragments": "string",
"excluded": true
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Locations | CrawlLocationListResponse |
| default | Default | Error | ErrorDescriptionResponse |
get_location_vulnerabilities
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/crawldata/{loc_id}/vulnerabilities \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans/{scan_id}/results/{result_id}/crawldata/{loc_id}/vulnerabilities
Scan Result crawl data vulnerabilities
Returns a list of Vulnerabilities for the specified Location
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| result_id | path | string(uuid) | true | Scan result unique identifier |
| scan_id | path | string(uuid) | true | Scan unique identifier |
| loc_id | path | integer(int32) | true | Location identifier from the crawl data. Can be 0, in which case the crawl data root is referenced |
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| s | query | string | false | none |
Detailed descriptions
loc_id: Location identifier from the crawl data. Can be 0, in which case the crawl data root is referenced
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
Example responses
200 Response
{
"vulnerabilities": [
{
"status": "fixed",
"comment": "string",
"target_description": "string",
"vuln_id": "string",
"target_vuln_id": "string",
"issue_id": "string",
"issue_tracker_id": "string",
"issue_url": "string",
"vt_name": "string",
"criticality": 0,
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"affects_detail": "string",
"affects_url": "string",
"source": "string",
"loc_id": 0,
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"first_seen": "2019-08-24",
"last_seen": "2019-08-24",
"severity": 0,
"tags": [
"string"
],
"continuous": true,
"confidence": 0,
"vt_created": "string",
"vt_updated": "string",
"app": "string",
"archived": true
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Vulnerabilities list | VulnerabilityListResponse |
| default | Default | Error | ErrorDescriptionResponse |
get_statistics
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans/{scan_id}/results/{result_id}/statistics \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans/{scan_id}/results/{result_id}/statistics
Scan Statistics
Returns a list of Scan Statistics
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| result_id | path | string(uuid) | true | Scan result unique identifier |
| scan_id | path | string(uuid) | true | Scan unique identifier |
Example responses
200 Response
{
"status": "scheduled",
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"scanning_app": {
"wvs": {
"abort_requested": true,
"start_date": "string",
"end_date": "string",
"end_deadline": "string",
"event_level": 0,
"main": {
"start_date": "string",
"duration": 0,
"status": "string",
"progress": 0,
"messages": [
{
"kind": "string",
"data": "string",
"time": "string",
"level": "string",
"target_info": {
"host": "string",
"target_id": "string"
}
}
],
"status_statistics": {
"operationStatsByRun": [
{
"operation_name": "string",
"number_of_runs": 0,
"total_duration": 0,
"average_duration": 0
}
],
"operationStatsByTotalDuration": [
{
"operation_name": "string",
"number_of_runs": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByRequest": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByAvgDuration": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByTotalDuration": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
]
},
"vulns": [
{
"name": "string",
"time": "string",
"vuln_id": "string",
"severity": 0,
"target_info": {
"host": "string",
"target_id": "string"
}
}
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
},
"hosts": {
"property1": {
"host": "string",
"aborted": "string",
"aborted_reason": "string",
"external_hosts": [
"string"
],
"is_starting_host": true,
"sensor_detected": true,
"target_info": {
"os": "string",
"responsive": true,
"server": "string",
"technologies": [
"string"
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
}
},
"property2": {
"host": "string",
"aborted": "string",
"aborted_reason": "string",
"external_hosts": [
"string"
],
"is_starting_host": true,
"sensor_detected": true,
"target_info": {
"os": "string",
"responsive": true,
"server": "string",
"technologies": [
"string"
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
}
}
},
"build": "string"
},
"ovas": {
"abort_requested": true,
"start_date": "string",
"end_date": "string",
"end_deadline": "string",
"event_level": 0,
"main": {
"start_date": "string",
"duration": 0,
"status": "string",
"progress": 0,
"messages": [
{
"kind": "string",
"data": "string",
"time": "string",
"level": "string",
"target_info": {
"host": "string",
"target_id": "string"
}
}
],
"status_statistics": {
"operationStatsByRun": [
{
"operation_name": "string",
"number_of_runs": 0,
"total_duration": 0,
"average_duration": 0
}
],
"operationStatsByTotalDuration": [
{
"operation_name": "string",
"number_of_runs": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByRequest": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByAvgDuration": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByTotalDuration": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
]
},
"vulns": [
{
"name": "string",
"time": "string",
"vuln_id": "string",
"severity": 0,
"target_info": {
"host": "string",
"target_id": "string"
}
}
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
},
"hosts": {
"property1": {
"host": "string",
"aborted": "string",
"aborted_reason": "string",
"external_hosts": [
"string"
],
"is_starting_host": true,
"sensor_detected": true,
"target_info": {
"os": "string",
"responsive": true,
"server": "string",
"technologies": [
"string"
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
}
},
"property2": {
"host": "string",
"aborted": "string",
"aborted_reason": "string",
"external_hosts": [
"string"
],
"is_starting_host": true,
"sensor_detected": true,
"target_info": {
"os": "string",
"responsive": true,
"server": "string",
"technologies": [
"string"
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
}
}
},
"build": "string"
}
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Scan statistics | ScanStatistics |
| default | Default | Error | ErrorDescriptionResponse |
get_target_technologies
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/technologies \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/technologies
Latest Technologies Found On Target
Returns Technologies found during a Scan
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"technologies": [
{
"tech_id": "string",
"name": "string",
"description": "string",
"type": "string",
"link": "string",
"outdated": true,
"loc_id": 0,
"loc_url": "string",
"detected_version": {
"start": "string",
"end": "string",
"cvss_score": 0
},
"branch_upgrade": {
"version": "string",
"cvss_score": 0
},
"upgrade": {
"version": "string",
"cvss_score": 0
}
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Technologies list | TechnologiesListResponse |
| default | Default | Error | ErrorDescriptionResponse |
ScanningProfiles
get_scanning_profiles
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scanning_profiles \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scanning_profiles
Scan Types (Scanning Profiles)
Returns a list of Scan Types (Scanning Profiles)
Example responses
200 Response
{
"scanning_profiles": [
{
"name": "string",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"sort_order": 1000,
"custom": true,
"checks": [
"string"
]
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | List of Scan Types (Scanning Profiles) | ScanningProfilesResponse |
| default | Default | Error | ErrorDescriptionResponse |
create_scanning_profile
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/scanning_profiles \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /scanning_profiles
Create Scan Type (Scanning Profile)
Creates a new Scan Type (Scanning Profile)
Body parameter
{
"name": "string",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"sort_order": 1000,
"custom": true,
"checks": [
"string"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ScanningProfile | true | none |
Example responses
201 Response
{
"name": "string",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"sort_order": 1000,
"custom": true,
"checks": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Scan Type (Scanning Profile) added | ScanningProfile |
| default | Default | Error | ErrorDescriptionResponse |
Response Headers
| Status | Header | Type | Format | Description |
|---|---|---|---|---|
| 201 | Location | string | url | Scan Type (Scanning Profile) URI |
get_scanning_profile
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scanning_profiles/{scanning_profile_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scanning_profiles/{scanning_profile_id}
Scan Type (Scanning Profile)
Returns a list of a Scan Type's (Scanning Profile) properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| scanning_profile_id | path | string(uuid) | true | Scanning Profile unique identifier |
Example responses
200 Response
{
"name": "string",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"sort_order": 1000,
"custom": true,
"checks": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Scan Types (Scanning Profiles) | ScanningProfile |
| default | Default | Error | ErrorDescriptionResponse |
delete_scanning_profile
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/scanning_profiles/{scanning_profile_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /scanning_profiles/{scanning_profile_id}
Scan Type (Scanning Profile)
Deletes a Scan Type (Scanning Profile)
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| scanning_profile_id | path | string(uuid) | true | Scanning Profile unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Scan Type (Scanning Profile) deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
update_scanning_profile
Code samples
# You can also use wget
curl -X PATCH https://127.0.0.1:3443/api/v1/scanning_profiles/{scanning_profile_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PATCH /scanning_profiles/{scanning_profile_id}
Scan Type (Scanning Profile)
Modifies Scan Type (Scanning Profile)
Body parameter
{
"name": "string",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"sort_order": 1000,
"custom": true,
"checks": [
"string"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ScanningProfile | true | none |
| scanning_profile_id | path | string(uuid) | true | Scanning Profile unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Scan Type (Scanning Profile) modified | None |
| default | Default | Error | ErrorDescriptionResponse |
Scans
get_continuous_scans
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/continuous_scan/list \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/continuous_scan/list
List Target Continuous Scans
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| s | query | string | false | none |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
Example responses
200 Response
{
"scans": [
{
"start_date": "2019-08-24",
"end_date": "2019-08-24",
"scan_type": "string",
"status": "string"
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Continuous Scan status | ContinuousScanListResponse |
| default | Default | Error | ErrorDescriptionResponse |
get_scans
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans
Scans
Returns a list of Scans. The returned list will be paginated if the number of elements exceeds 100. Additionally, a combination of cursors, queries and limits can be used to extract a subset of all the scans.
Get all scans
curl --request GET --url "https://localhost:3443/api/v1/scans" --header "X-Auth: API_KEY" --header "Content-type: application/json"
Get the 2nd (cursor) up to 4th (limit - exclusive) list of scans
curl --request GET --url "https://localhost:3443/api/v1/scans?c=2&l=1" --header "X-Auth: API_KEY" --header "Content-type: application/json"
Get the 2nd (cursor) up to 4th (limit - exclusive) list of scans that have high severity vulnerabilities for a specific target
curl --request GET --url "https://localhost:3443/api/v1/scans?c=2&l=1&q=threat:3;target_id:TARGET_ID" --header "X-Auth: API_KEY" --header "Content-type: application/json"
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
Example responses
200 Response
{
"scans": [
{
"user_authorized_to_scan": "yes",
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"report_template_id": "e89ef7db-4101-4c97-b7ab-9249efd2d3cd",
"schedule": {
"disable": true,
"time_sensitive": true,
"history_limit": 10,
"start_date": "string",
"recurrence": "string",
"triggerable": false
},
"max_scan_time": 0,
"incremental": false,
"next_run": "2019-08-24",
"current_session": {
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
},
"previous_session": {
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
},
"target": {
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
}
},
"criticality": 0,
"profile_name": "string",
"scan_id": "9a59f0f5-5572-476d-a7fc-c960ef43a5af",
"start_date": "2019-08-24T14:15:22Z",
"manual_intervention": true
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Scans list | ScanListResponse |
| default | Default | Error | ErrorDescriptionResponse |
schedule_scan
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/scans \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /scans
Schedule Scan
Schedule a scan to run, by optionally specifying the target, schedule, scan type, report and recurrence.
Note: The Scan ID is not provided in the response body. It is instead provided in the
Locationresponse header.
Note: For any cURL requests, POST data inside the
--dataparameter may need to have double-quotes escaped (" -> \")
Schedule a "Full Scan" for a Scan Target to run immediately
curl --request POST --url "https://acunetix-installation/api/v1/scans" --header "X-Auth: {API_KEY}" --header "Content-Type: application/json" --data '{"target_id": "{TARGET_UUID}", "profile_id": "11111111-1111-1111-1111-111111111111", "schedule": {"disable":false,"start_date":null,"time_sensitive":false}}'
Schedule a "Crawl Only" scan for a Scan Target to run every third Thursday
curl --request POST --url "https://acunetix-installation/api/v1/scans" --header "X-Auth: {API_KEY}" --header "Content-Type: application/json" --data "{"target_id":"{TARGET_ID}","profile_id":"11111111-1111-1111-1111-111111111111","schedule":{"disable":false,"recurrence":"DTSTART:20180112T003000Z\nFREQ=WEEKLY;INTERVAL=1;BYDAY=TH","time_sensitive":true}}"
Body parameter
{
"user_authorized_to_scan": "yes",
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"report_template_id": "e89ef7db-4101-4c97-b7ab-9249efd2d3cd",
"schedule": {
"disable": true,
"time_sensitive": true,
"history_limit": 10,
"start_date": "string",
"recurrence": "string",
"triggerable": false
},
"max_scan_time": 0,
"incremental": false
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | Scan | true | none |
Example responses
201 Response
{
"user_authorized_to_scan": "yes",
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"report_template_id": "e89ef7db-4101-4c97-b7ab-9249efd2d3cd",
"schedule": {
"disable": true,
"time_sensitive": true,
"history_limit": 10,
"start_date": "string",
"recurrence": "string",
"triggerable": false
},
"max_scan_time": 0,
"incremental": false,
"next_run": "2019-08-24",
"current_session": {
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
},
"previous_session": {
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
},
"target": {
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
}
},
"criticality": 0,
"profile_name": "string",
"scan_id": "9a59f0f5-5572-476d-a7fc-c960ef43a5af",
"start_date": "2019-08-24T14:15:22Z",
"manual_intervention": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Scan scheduled | ScanItemResponse |
| default | Default | Error | ErrorDescriptionResponse |
Response Headers
| Status | Header | Type | Format | Description |
|---|---|---|---|---|
| 201 | Location | string | url | Scan URI containing the base API URL along with the new Scan ID |
trigger_scan
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/scans/{scan_id}/trigger \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /scans/{scan_id}/trigger
Trigger Scan a new scan session
Triggers a new Scan session
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| scan_id | path | string(uuid) | true | Scan unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Scan aborted | None |
| default | Default | Error | ErrorDescriptionResponse |
abort_scan
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/scans/{scan_id}/abort \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /scans/{scan_id}/abort
Abort Scan
Aborts a Scan
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| scan_id | path | string(uuid) | true | Scan unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Scan aborted | None |
| default | Default | Error | ErrorDescriptionResponse |
resume_scan
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/scans/{scan_id}/resume \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /scans/{scan_id}/resume
Resume Scan
Resumes a Scan
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| scan_id | path | string(uuid) | true | Scan unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Scan resumed | None |
| default | Default | Error | ErrorDescriptionResponse |
get_scan
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans/{scan_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans/{scan_id}
Scan
Returns a list of a Scan's properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| scan_id | path | string(uuid) | true | Scan unique identifier |
Example responses
200 Response
{
"user_authorized_to_scan": "yes",
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"report_template_id": "e89ef7db-4101-4c97-b7ab-9249efd2d3cd",
"schedule": {
"disable": true,
"time_sensitive": true,
"history_limit": 10,
"start_date": "string",
"recurrence": "string",
"triggerable": false
},
"max_scan_time": 0,
"incremental": false,
"next_run": "2019-08-24",
"current_session": {
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
},
"previous_session": {
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
},
"target": {
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
}
},
"criticality": 0,
"profile_name": "string",
"scan_id": "9a59f0f5-5572-476d-a7fc-c960ef43a5af",
"start_date": "2019-08-24T14:15:22Z",
"manual_intervention": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Scan properties | ScanItemResponse |
| default | Default | Error | ErrorDescriptionResponse |
update_scan
Code samples
# You can also use wget
curl -X PATCH https://127.0.0.1:3443/api/v1/scans/{scan_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PATCH /scans/{scan_id}
Scan
Modifies a Scan
Body parameter
{
"user_authorized_to_scan": "yes",
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"report_template_id": "e89ef7db-4101-4c97-b7ab-9249efd2d3cd",
"schedule": {
"disable": true,
"time_sensitive": true,
"history_limit": 10,
"start_date": "string",
"recurrence": "string",
"triggerable": false
},
"max_scan_time": 0,
"incremental": false
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | Scan | true | none |
| scan_id | path | string(uuid) | true | Scan unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Scan modified | None |
| default | Default | Error | ErrorDescriptionResponse |
remove_scan
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/scans/{scan_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /scans/{scan_id}
Scan
Deletes a Scan
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| scan_id | path | string(uuid) | true | Scan unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Scan deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
get_scan_result_history
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/scans/{scan_id}/results \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /scans/{scan_id}/results
Scan Results
Returns Scan Results across multiple Scan runs
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| s | query | string | false | none |
| scan_id | path | string(uuid) | true | Scan unique identifier |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
Example responses
200 Response
{
"results": [
{
"scan_id": "9a59f0f5-5572-476d-a7fc-c960ef43a5af",
"result_id": "cd1ea384-5045-47f3-9678-d1fc6f8c8581",
"start_date": "2019-08-24T14:15:22Z",
"end_date": "2019-08-24T14:15:22Z",
"status": "string"
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Scan Results | ScanResultListResponse |
| default | Default | Error | ErrorDescriptionResponse |
TargetGroups
get_groups
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/target_groups \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /target_groups
Target Groups
Returns a list of Target Groups
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| s | query | string | false | none |
Detailed descriptions
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
Example responses
200 Response
{
"groups": [
{
"group_id": "306db4e0-7449-4501-b76f-075576fe2d8f",
"name": "string",
"target_count": 0,
"description": "string",
"vuln_count": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | List of Target Groups | TargetGroupsListResponse |
| default | Default | Error | ErrorDescriptionResponse |
add_group
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/target_groups \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /target_groups
Create Target Group
Creates a Target Group
Body parameter
{
"group_id": "306db4e0-7449-4501-b76f-075576fe2d8f",
"name": "string",
"target_count": 0,
"description": "string",
"vuln_count": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | TargetGroup | true | none |
Example responses
201 Response
{
"group_id": "306db4e0-7449-4501-b76f-075576fe2d8f",
"name": "string",
"target_count": 0,
"description": "string",
"vuln_count": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Target Group created | TargetGroup |
| default | Default | Error | ErrorDescriptionResponse |
Response Headers
| Status | Header | Type | Format | Description |
|---|---|---|---|---|
| 201 | Location | string | url | Target Group URI |
get_group
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/target_groups/{group_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /target_groups/{group_id}
Target Group
Returns a list of Target Group properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| group_id | path | string(uuid) | true | Group unique identifier |
Example responses
200 Response
{
"group_id": "306db4e0-7449-4501-b76f-075576fe2d8f",
"name": "string",
"target_count": 0,
"description": "string",
"vuln_count": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Target Group | TargetGroup |
| default | Default | Error | ErrorDescriptionResponse |
delete_group
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/target_groups/{group_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /target_groups/{group_id}
Delete Target Group
Deletes a Target Group
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| group_id | path | string(uuid) | true | Group unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Target Group deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
change_group
Code samples
# You can also use wget
curl -X PATCH https://127.0.0.1:3443/api/v1/target_groups/{group_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PATCH /target_groups/{group_id}
Target Group
Modifies Target Group
Body parameter
{
"group_id": "306db4e0-7449-4501-b76f-075576fe2d8f",
"name": "string",
"target_count": 0,
"description": "string",
"vuln_count": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | TargetGroup | true | none |
| group_id | path | string(uuid) | true | Group unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Target Group modified | None |
| default | Default | Error | ErrorDescriptionResponse |
delete_groups
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/target_groups/delete \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /target_groups/delete
Target Group
deletes Target Groups
Body parameter
{
"group_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | TargetGroupIdList | true | none |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Target Group modified | None |
| default | Default | Error | ErrorDescriptionResponse |
list_targets
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/target_groups/{group_id}/targets \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /target_groups/{group_id}/targets
Targets in Target Group
Returns a list of Targets in a Target Group
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| group_id | path | string(uuid) | true | Group unique identifier |
Example responses
200 Response
{
"target_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Targets in Target Group | TargetIdList |
| default | Default | Error | ErrorDescriptionResponse |
change_targets
Code samples
# You can also use wget
curl -X PATCH https://127.0.0.1:3443/api/v1/target_groups/{group_id}/targets \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PATCH /target_groups/{group_id}/targets
Targets in Target Group
Modifies one or more Targets in a Target Group
Body parameter
{
"remove": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"add": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | GroupChangeTargetIdList | true | Targets modify in Target Group |
| group_id | path | string(uuid) | true | Group unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Targets in Target Group modified | None |
| default | Default | Error | ErrorDescriptionResponse |
set_targets
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/target_groups/{group_id}/targets \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /target_groups/{group_id}/targets
Assign Targets to Target Group
Assigns one or more Targets to a Target Group
Body parameter
{
"target_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | TargetIdList | true | Targets to assign to Target Group |
| group_id | path | string(uuid) | true | Group unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Targets assigned to Target Group | None |
| default | Default | Error | ErrorDescriptionResponse |
Targets
get_targets
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets
Targets
Returns a list of Targets. The returned list will be paginated if the number of elements exceeds 100
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
Example responses
200 Response
{
"targets": [
{
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
},
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"scan_authorization": {
"url": "string",
"content": "string"
},
"continuous_mode": true,
"last_scan_date": "2019-08-24",
"last_scan_id": "880bc00e-8f2f-43dc-9a1f-f6ff660d0521",
"last_scan_session_id": "338927ab-dbda-4b74-bf99-beabf49af8cc",
"last_scan_session_status": "string",
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"threat": 0,
"links": [
{
"rel": "string",
"href": "string"
}
],
"manual_intervention": true,
"verification": "string"
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Target list | TargetListResponse |
| default | Default | Error | ErrorDescriptionResponse |
add_target
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/targets \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /targets
Create Target
Creates a Target
Body parameter
{
"address": "string",
"description": "",
"type": "default",
"criticality": 30
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | Target | true | Target properties |
Example responses
201 Response
{
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
},
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"scan_authorization": {
"url": "string",
"content": "string"
},
"continuous_mode": true,
"last_scan_date": "2019-08-24",
"last_scan_id": "880bc00e-8f2f-43dc-9a1f-f6ff660d0521",
"last_scan_session_id": "338927ab-dbda-4b74-bf99-beabf49af8cc",
"last_scan_session_status": "string",
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"threat": 0,
"links": [
{
"rel": "string",
"href": "string"
}
],
"manual_intervention": true,
"verification": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Target created | TargetItemResponse |
| default | Default | Error | ErrorDescriptionResponse |
Response Headers
| Status | Header | Type | Format | Description |
|---|---|---|---|---|
| 201 | Location | string | url | Target URI |
add_targets
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/targets/add \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /targets/add
Creates multiple targets
Creates multiple targets
Body parameter
{
"targets": [
{
"address": "string",
"description": "",
"type": "default",
"criticality": 30
}
],
"groups": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | AddTargetsDescriptor | true | Targets properties |
Example responses
200 Response
{
"targets": [
{
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
}
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Targets created | TargetItemResponseList |
| default | Default | Error | ErrorDescriptionResponse |
Response Headers
| Status | Header | Type | Format | Description |
|---|---|---|---|---|
| 200 | Location | string | url | Target URI |
remove_targets
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/targets/delete \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /targets/delete
Removes multiple targets
Removes multiple targets
Body parameter
{
"target_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | TargetIdList | true | Targets |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Targets deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
cvs_export
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/cvs_export \
-H 'Accept: application/octet-stream' \
-H 'X-Auth: API_KEY'
GET /targets/cvs_export
Targets CVS Export
Downloads the targets list in CVS format
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
Detailed descriptions
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
Example responses
200 Response
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Targets CVS export file | string |
| default | Default | Error | ErrorDescriptionResponse |
get_target
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}
Target
Returns a list of Target properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
},
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"scan_authorization": {
"url": "string",
"content": "string"
},
"continuous_mode": true,
"last_scan_date": "2019-08-24",
"last_scan_id": "880bc00e-8f2f-43dc-9a1f-f6ff660d0521",
"last_scan_session_id": "338927ab-dbda-4b74-bf99-beabf49af8cc",
"last_scan_session_status": "string",
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"threat": 0,
"links": [
{
"rel": "string",
"href": "string"
}
],
"manual_intervention": true,
"verification": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Target properties | TargetItemResponse |
| default | Default | Error | ErrorDescriptionResponse |
update_target
Code samples
# You can also use wget
curl -X PATCH https://127.0.0.1:3443/api/v1/targets/{target_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PATCH /targets/{target_id}
Target
Modifies a Target
Body parameter
{
"address": "string",
"description": "",
"type": "default",
"criticality": 30
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | Target | true | none |
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Target modified | None |
| default | Default | Error | ErrorDescriptionResponse |
remove_target
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/targets/{target_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /targets/{target_id}
Target
Deletes Target
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"target_deletion_allowance": 0,
"target_deletion_consumed": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Target deleted | TargetDeletionNotification |
| 204 | No Content | Target deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
get_continuous_scan_status
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/continuous_scan \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/continuous_scan
Target Continuous Scan status
Returns the Continuous Scan status of a Target
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"enabled": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Continuous Scan status | ContinuousScanMode |
| default | Default | Error | ErrorDescriptionResponse |
set_continuous_scan_status
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/targets/{target_id}/continuous_scan \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /targets/{target_id}/continuous_scan
Continuous Scan status
Sets the Continuous Scan status of a Target
Body parameter
{
"enabled": true
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ContinuousScanMode | true | none |
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Continuous Scan status set | None |
| default | Default | Error | ErrorDescriptionResponse |
reset_sensor_secret
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/targets/{target_id}/sensor/reset \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /targets/{target_id}/sensor/reset
Target AcuSensor reset secret
Resets the AcuSensor secret of a Target
Body parameter
{
"secret": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | SensorSecretContainer | true | none |
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"secret": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Target AcuSensor secret reset | SensorSecretContainer |
| default | Default | Error | ErrorDescriptionResponse |
download_sensor
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/sensors/{sensor_type}/{sensor_secret} \
-H 'Accept: application/octet-stream'
GET /targets/sensors/{sensor_type}/{sensor_secret}
Target AcuSensor download
Downloads the generated AcuSensor file of a Target
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| sensor_type | path | string | true | AcuSensor type |
| sensor_secret | path | string(md5) | true | AcuSensor secret |
Enumerated Values
| Parameter | Value |
|---|---|
| sensor_type | php |
| sensor_type | net |
| sensor_type | java |
| sensor_type | java3 |
| sensor_type | node |
| sensor_type | net3 |
| sensor_type | undefined |
Example responses
200 Response
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Target AcuSensor file | string |
| default | Default | Error | ErrorDescriptionResponse |
get_allowed_hosts
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/allowed_hosts \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/allowed_hosts
Target Allowed Hosts
Returns a list of Allowed Hosts of a Target
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"hosts": [
{
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"address": "string",
"description": ""
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Allowed Hosts list | AllowedHosts |
| default | Default | Error | ErrorDescriptionResponse |
add_allowed_host
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/targets/{target_id}/allowed_hosts \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /targets/{target_id}/allowed_hosts
Target Allowed Hosts
Adds Allowed Hosts to a Target
Body parameter
{
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | TargetIdContainer | true | none |
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Allowed Host added | None |
| default | Default | Error | ErrorDescriptionResponse |
remove_allowed_host
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/targets/{target_id}/allowed_hosts/{allowed_target_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /targets/{target_id}/allowed_hosts/{allowed_target_id}
Target Allowed Host
Deletes an Allowed Host from a Target
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
| allowed_target_id | path | string(uuid) | true | Allowed Target unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Allowed Host deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
get_target_configuration
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/configuration
Target Configuration
Returns a Target's configuration
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"description": "Target configuration default values",
"limit_crawler_scope": true,
"login": {
"kind": "none"
},
"sensor": false,
"ssh_credentials": {
"kind": "none"
},
"proxy": {
"enabled": false
},
"authentication": {
"enabled": false
},
"client_certificate_password": "",
"scan_speed": "fast",
"case_sensitive": "auto",
"technologies": [],
"custom_headers": [],
"custom_cookies": [],
"excluded_paths": [],
"user_agent": "",
"debug": false
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Target Configuration properties | TargetConfiguration |
| default | Default | Error | ErrorDescriptionResponse |
configure_target
Code samples
# You can also use wget
curl -X PATCH https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PATCH /targets/{target_id}/configuration
Target Configuration
Modifies a Target's configuration
Body parameter
{
"description": "Target configuration default values",
"limit_crawler_scope": true,
"login": {
"kind": "none"
},
"sensor": false,
"ssh_credentials": {
"kind": "none"
},
"proxy": {
"enabled": false
},
"authentication": {
"enabled": false
},
"client_certificate_password": "",
"scan_speed": "fast",
"case_sensitive": "auto",
"technologies": [],
"custom_headers": [],
"custom_cookies": [],
"excluded_paths": [],
"user_agent": "",
"debug": false
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | TargetConfiguration | false | Target Configuration (partial configuration will get merged with existing configuration) |
| target_id | path | string(uuid) | true | Target unique identifier |
Detailed descriptions
body: Target Configuration (partial configuration will get merged with existing configuration)
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Target Configuration modified | None |
| default | Default | Error | ErrorDescriptionResponse |
download_login_sequence
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/login_sequence/download \
-H 'Accept: application/octet-stream' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/configuration/login_sequence/download
Target Login Sequence download
Downloads the Login Sequence file of a Target
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Login Sequence | string |
| default | Default | Error | ErrorDescriptionResponse |
get_login_sequence
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/login_sequence \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/configuration/login_sequence
Target Login Sequence
Returns a list of a Target's Login Sequence properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"upload_id": "f2ef591b-135b-46fa-a604-3d4fda5bfbfb",
"name": "string",
"size": 0,
"status": true,
"current_size": 0,
"retrieve_url": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Login Sequence properties | UploadedFile |
| default | Default | Error | ErrorDescriptionResponse |
set_login_sequence
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/login_sequence \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /targets/{target_id}/configuration/login_sequence
Target Login Sequence
Sets a Login Sequence for a Target
After the operation completes the Login Sequence file (.lsr format) needs to be uploaded via a POST request to the URL returned in the response using application/octet-stream Content-Type within a timeout period. To apply the Login Sequence once uploaded, update the Target's configuration
Body parameter
{
"name": "string",
"size": 0
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | FileUploadDescriptor | true | none |
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"upload_url": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Login Sequence temporary file upload URL | UploadLocationResponse |
| default | Default | Error | ErrorDescriptionResponse |
delete_login_sequence
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/login_sequence \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /targets/{target_id}/configuration/login_sequence
Target Login Sequence
Un-sets and Deletes Login Sequence for a Target
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Login Sequence unset and deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
get_client_certificate
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/client_certificate \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/configuration/client_certificate
Target Client Certificate
Returns a list of a Target's Client Certificate properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"upload_id": "f2ef591b-135b-46fa-a604-3d4fda5bfbfb",
"name": "string",
"size": 0,
"status": true,
"current_size": 0,
"retrieve_url": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Client Certificate properties | UploadedFile |
| default | Default | Error | ErrorDescriptionResponse |
set_client_certificate
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/client_certificate \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /targets/{target_id}/configuration/client_certificate
Target Client Certificate
Sets a Client Certificate for a Target.
The operation requires two steps to be completed. A successful request to this API call will return a temporary URL which MUST be used (within a timeout period) to upload the certificate file.
Once this API Call generates a successful response (containing the ad-hoc upload URL), a second POST request must be made:
The Client Certificate (PKCS12 format) file needs to be uploaded via a POST request to the URL (returned in the first response) using an application/octet-stream Content-Type, within the timeout period.
To apply the Client Certificate once uploaded, update the Target's configuration.
Body parameter
{
"name": "string",
"size": 0
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | FileUploadDescriptor | true | none |
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"upload_url": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Temporary Client Certificate file upload URL | UploadLocationResponse |
| default | Default | Error | ErrorDescriptionResponse |
delete_client_certificate
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/client_certificate \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /targets/{target_id}/configuration/client_certificate
Target Client Certificate
Un-sets and Deletes a Client Certificate and its password for a Target
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Client Certificate and password unset and deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
get_imported_files
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/imports \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/configuration/imports
Target Import
Returns a list of a Target's Import properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"files": [
{
"upload_id": "f2ef591b-135b-46fa-a604-3d4fda5bfbfb",
"name": "string",
"size": 0,
"status": true,
"current_size": 0,
"retrieve_url": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Import properties | UploadedFilesResponse |
| default | Default | Error | ErrorDescriptionResponse |
upload_import_file
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/imports \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /targets/{target_id}/configuration/imports
Target Import
Adds an Import File to a Target to be used with each scan. The operation requires two steps to be completed. A successful request to this API call will return a temporary URL which MUST be used to upload the import file within a timeout period.
Once this API Call generates a successful response (containing the ad-hoc upload URL), a second POST request must be made:
The Import (Acunetix HTTP Sniffer, Telerik Fiddler SAZ, PortSwigger Burp State/Export XML, HTTP Archive, and Plain Text formats) file needs to be uploaded via a POST request to the URL (returned in the first response) using an application/octet-stream Content-Type, within the timeout period.
The file upload request is limited to 1048576 bytes (1MB) in size per request. Hence, any file larger than this size has to be fragmented into multiple POST requests. Once a 201 response is received, the next request can be sent with the rest of the file (up to 1MB), which would return a 202 response. This process is repeated until the whole file is uploaded, and the response is 204.
To apply the Import File once uploaded, update the Target's configuration.
Body parameter
{
"name": "string",
"size": 0
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | FileUploadDescriptor | true | none |
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"upload_url": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Import temporary file upload URL | UploadLocationResponse |
| default | Default | Error | ErrorDescriptionResponse |
delete_imported_file
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/imports/{import_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /targets/{target_id}/configuration/imports/{import_id}
Target Import
Un-sets and Delete Import for a Target
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
| import_id | path | string(uuid) | true | none |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Import unset and deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
get_excluded_paths
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/exclusions \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/configuration/exclusions
Get target excluded path
Returns a list of a excluded paths
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"excluded_paths": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Excluded path list | ExcludedPathList |
| default | Default | Error | ErrorDescriptionResponse |
update_excluded_paths
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/exclusions \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /targets/{target_id}/configuration/exclusions
Update target excuded list
Updates the list of the excluded paths
Body parameter
{
"add": {
"excluded_paths": [
"string"
]
},
"delete": {
"excluded_paths": [
"string"
]
}
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | ExcludedPathListUpdate | true | Ecluded path list configuration update data |
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Excluded path list updated | None |
| default | Default | Error | ErrorDescriptionResponse |
list_target_groups
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/target_groups \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/target_groups
Target Groups including Target
Returns a list of Target Groups for a Target
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"group_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Targets in Target Group | TargetGroupIdList |
| default | Default | Error | ErrorDescriptionResponse |
Vulnerabilities
get_vulnerabilities
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/vulnerabilities \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /vulnerabilities
Vulnerabilities
Returns a list of all Vulnerabilities found
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
Example responses
200 Response
{
"vulnerabilities": [
{
"status": "fixed",
"comment": "string",
"target_description": "string",
"vuln_id": "string",
"target_vuln_id": "string",
"issue_id": "string",
"issue_tracker_id": "string",
"issue_url": "string",
"vt_name": "string",
"criticality": 0,
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"affects_detail": "string",
"affects_url": "string",
"source": "string",
"loc_id": 0,
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"first_seen": "2019-08-24",
"last_seen": "2019-08-24",
"severity": 0,
"tags": [
"string"
],
"continuous": true,
"confidence": 0,
"vt_created": "string",
"vt_updated": "string",
"app": "string",
"archived": true
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Vulnerabilities list | VulnerabilityListResponse |
| default | Default | Error | ErrorDescriptionResponse |
get_vulnerability_details
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/vulnerabilities/{vuln_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /vulnerabilities/{vuln_id}
Vulnerability
Returns a list of Vulnerability details
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| vuln_id | path | string | true | Vulnerability unique identifier |
Example responses
200 Response
{
"status": "fixed",
"comment": "string",
"target_description": "string",
"vuln_id": "string",
"target_vuln_id": "string",
"issue_id": "string",
"issue_tracker_id": "string",
"issue_url": "string",
"vt_name": "string",
"criticality": 0,
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"affects_detail": "string",
"affects_url": "string",
"source": "string",
"loc_id": 0,
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"first_seen": "2019-08-24",
"last_seen": "2019-08-24",
"severity": 0,
"tags": [
"string"
],
"continuous": true,
"confidence": 0,
"vt_created": "string",
"vt_updated": "string",
"app": "string",
"archived": true,
"description": "string",
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"cvss_score": 0,
"cvss4_score": 0,
"impact": "string",
"recommendation": "string",
"long_description": "string",
"references": [
{
"rel": "string",
"href": "string"
}
],
"details": "string",
"request": "string",
"response_info": "string",
"highlights": [
{
"index": 0,
"length": 0,
"in": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Vulnerability details list | VulnerabilityDetails |
| default | Default | Error | ErrorDescriptionResponse |
get_vulnerability_http_response
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/vulnerabilities/{vuln_id}/http_response \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /vulnerabilities/{vuln_id}/http_response
Vulnerability
Returns a list of Vulnerability details
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| vuln_id | path | string | true | Vulnerability unique identifier |
Example responses
200 Response
"string"
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | File containing the HTTP response | string |
| default | Default | Error | ErrorDescriptionResponse |
recheck_vulnerability
Code samples
# You can also use wget
curl -X PUT https://127.0.0.1:3443/api/v1/vulnerabilities/{vuln_id}/recheck \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PUT /vulnerabilities/{vuln_id}/recheck
Re-check Vulnerability
Re-checks for Target Vulnerability
Body parameter
{
"ui_session_id": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | VulnerabilityRecheck | true | none |
| vuln_id | path | string | true | Vulnerability unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 201 | Created | Scan scheduled | None |
| default | Default | Error | ErrorDescriptionResponse |
Response Headers
| Status | Header | Type | Format | Description |
|---|---|---|---|---|
| 201 | Location | string | url | Scheduled Scan URI |
recheck_vulnerabilities
Code samples
# You can also use wget
curl -X PUT https://127.0.0.1:3443/api/v1/vulnerabilities/recheck \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PUT /vulnerabilities/recheck
Re-check Vulnerability
Re-checks for Target Vulnerability
Body parameter
{
"vuln_id_list": [
"string"
],
"ui_session_id": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | VulnerabilitiesRecheck | true | none |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Scan/s scheduled | None |
| default | Default | Error | ErrorDescriptionResponse |
set_vulnerability_status
Code samples
# You can also use wget
curl -X PUT https://127.0.0.1:3443/api/v1/vulnerabilities/{vuln_id}/status \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PUT /vulnerabilities/{vuln_id}/status
Vulnerability status
Updates the status of a Vulnerability
Body parameter
{
"status": "fixed",
"comment": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | VulnerabilityStatus | true | Vulnerability status |
| vuln_id | path | string | true | Vulnerability unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Vulnerability status updated | None |
| default | Default | Error | ErrorDescriptionResponse |
create_vulnerability_issues
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/vulnerabilities/issues \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /vulnerabilities/issues
Schedules the creation of issues on issue tracker.
Schedules the creates of issues for the given list of vulnerabilities, each identified by their vulnerability unique identifier. The issue tracker used is based on the integration linked to the vulnerability's target. A report is returned with the target and integration unique identifier used for each vulnerability. Vulnerabilities for targets that have no associated issue tracker will have a null value in this field.
Body parameter
{
"vuln_ids": [
"string"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | IntegrationsVulnerabilityIdList | true | none |
Example responses
200 Response
{
"result": [
{
"vuln_id": "string",
"target_id": "string",
"integration_id": "string",
"error_msg": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | A report with the outcome of the scheduling operation. | CreateIssuesViaIntegrationsResponse |
| default | Default | Error | ErrorDescriptionResponse |
get_vulnerability_groups
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/vulnerability_groups \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /vulnerability_groups
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| group_by | query | string | false | Group by type |
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
Detailed descriptions
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
Enumerated Values
| Parameter | Value |
|---|---|
| group_by | fqdn |
| group_by | target |
Example responses
200 Response
{
"items": [
{
"id": "string",
"name": "string",
"data": {},
"count": 0,
"last_seen": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Vulnerability Type details list | VulnerabilityGroupsResponse |
| default | Default | Error | ErrorDescriptionResponse |
get_vulnerability_types
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/vulnerability_types \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /vulnerability_types
Vulnerability Types
Returns a list of Vulnerability Types with a count for each Vulnerability Type encountered
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| c | query | string | false | Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit). |
| l | query | integer | false | Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100). |
| v | query | string | false | View type |
| q | query | string(search) | false | Query to filter results based on a number of filters. |
| s | query | string | false | none |
Detailed descriptions
c: Cursor indicating which index is the head of the next batch of elements (generally coupled with a limit).
l: Maximum number of items returned. Parameter defaults to 100 if not passed. Limit ranges accepted are less than 100 or greater than 1 (1 < limit < 100).
q: Query to filter results based on a number of filters.
List of Filters:
Scans
-
target: Specific target to filter for. Only accepts filtering of single targets.
TARGET_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
threat: Level of severity to filter scans by. Do note that multiple threats can be added and are comma-separated (e.g.
?threat=3,2)- 4: Critical
- 3: High
- 2: Medium
- 1: Low
- 0: Informational
-
business_criticality: Level of business criticality to filter scans for. Multiple values can be added and are comma-separated (e.g.
?business_criticality=30,10)- 30: Critical
- 20: High
- 10: Normal
- 0: Low
-
scan_status: Scan state to filter by. Multiple values can be added and are comma-separated (e.g.
?scan_status=completed,queued)- aborting
- completed
- failed
- processing
- queued
- scheduled
- starting
-
profile_id: Scan type to filter scans by (e.g. Crawl Only). Multiple scan types can be added and are comma-separated.
PROFILE_ID(UUID - "11111111-1111-1111-1111-111111111111")
-
group_id: Target group to filter scans by. Target groups are not preset and thus are custom set for each Acunetix instance. Multiple target groups can be added and are comma-separated.
GROUP_ID(UUID - E.G "11111111-1111-1111-1111-111111111111")
Enumerated Values
| Parameter | Value |
|---|---|
| v | criticality |
| v | default |
Example responses
200 Response
{
"vulnerability_types": [
{
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"name": "string",
"severity": 0,
"tags": [
"string"
],
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"app": "string",
"count": 0,
"criticality": 0
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Vulnerability Type details list | VulnerabilityTypeTargetsCountResponse |
| default | Default | Error | ErrorDescriptionResponse |
get_vulnerability_type
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/vulnerability_types/{vt_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /vulnerability_types/{vt_id}
Vulnerability Type
Returns a list of Vulnerability Types with a count for each Vulnerability Type encountered
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| vt_id | path | string(uuid) | true | Vulnerability Type unique identifier |
Example responses
200 Response
{
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"name": "string",
"severity": 0,
"tags": [
"string"
],
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"app": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Vulnerability Type properties | VulnerabilityType |
| default | Default | Error | ErrorDescriptionResponse |
WAFUploader
check_connection
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/wafs/check_connection \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /wafs/check_connection
WAF check connection
Tests the connection to a WAF
Body parameter
{
"platform": "AWS",
"acl_name": "string",
"access_key_id": "string",
"secret_key": "string",
"scope": "CLOUDFRONT",
"region": "us-east-1",
"acl_id": "string",
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
}
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | WAFConfig | true | WAF configuration |
Example responses
200 Response
{
"success": true,
"message": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | WAF connection status | WAFConnectionStatus |
| default | Default | Error | ErrorDescriptionResponse |
get_wafs
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/wafs \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /wafs
WAFs
Returns a list of WAFs
Example responses
200 Response
{
"wafs": [
{
"platform": "AWS",
"acl_name": "string",
"access_key_id": "string",
"secret_key": "string",
"scope": "CLOUDFRONT",
"region": "us-east-1",
"acl_id": "string",
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"waf_id": "dafe8a13-3639-429c-8247-c6f23cadf413",
"name": "string"
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | WAFs list | WAFsList |
| default | Default | Error | ErrorDescriptionResponse |
create_waf_entry
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/wafs \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /wafs
Create a WAF
Creates a new WAF
Body parameter
{
"platform": "AWS",
"acl_name": "string",
"access_key_id": "string",
"secret_key": "string",
"scope": "CLOUDFRONT",
"region": "us-east-1",
"acl_id": "string",
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"waf_id": "dafe8a13-3639-429c-8247-c6f23cadf413",
"name": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | WAFEntry | true | WAF configuration |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | WAF created | None |
| default | Default | Error | ErrorDescriptionResponse |
get_waf_entry
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/wafs/{waf_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /wafs/{waf_id}
WAF details
Returns a list of WAF properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| waf_id | path | string(uuid) | true | WAF unique identifier |
Example responses
200 Response
{
"platform": "AWS",
"acl_name": "string",
"access_key_id": "string",
"secret_key": "string",
"scope": "CLOUDFRONT",
"region": "us-east-1",
"acl_id": "string",
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"waf_id": "dafe8a13-3639-429c-8247-c6f23cadf413",
"name": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | WAF properties | WAFEntry |
| default | Default | Error | ErrorDescriptionResponse |
delete_waf_entry
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/wafs/{waf_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /wafs/{waf_id}
Delete WAF entry
Deletes a WAF
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| waf_id | path | string(uuid) | true | WAF unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | WAF deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
update_waf_entry
Code samples
# You can also use wget
curl -X PATCH https://127.0.0.1:3443/api/v1/wafs/{waf_id} \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
PATCH /wafs/{waf_id}
WAF
Modifies a WAF
Body parameter
{
"platform": "AWS",
"acl_name": "string",
"access_key_id": "string",
"secret_key": "string",
"scope": "CLOUDFRONT",
"region": "us-east-1",
"acl_id": "string",
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"waf_id": "dafe8a13-3639-429c-8247-c6f23cadf413",
"name": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | WAFEntry | true | WAF configuration |
| waf_id | path | string(uuid) | true | WAF unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | WAF modified | None |
| default | Default | Error | ErrorDescriptionResponse |
waf_entry_check_connection
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/wafs/{waf_id}/check_connection \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /wafs/{waf_id}/check_connection
WAF connection
Check a particular WAF connection
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| waf_id | path | string(uuid) | true | WAF unique identifier |
Example responses
200 Response
{
"success": true,
"message": "string"
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | WAF connection status | WAFConnectionStatus |
| default | Default | Error | ErrorDescriptionResponse |
WorkerManager
get_workers
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/workers \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /workers
Workers
Returns a list of registered Workers
Example responses
200 Response
{
"workers": [
{
"scanning_app": "wvs",
"endpoint": "string",
"description": "string",
"worker_id": "ae5fa6f7-c55b-40c1-b40a-b36ac467652b",
"status": "offline",
"authorization": "pending",
"app_version": "string",
"license_status": "string",
"targets": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"notification_status": true
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | List of Workers | WorkerList |
| default | Default | Error | ErrorDescriptionResponse |
get_worker
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/workers/{worker_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /workers/{worker_id}
Worker
Returns a list of Worker properties
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| worker_id | path | string(uuid) | true | Worker unique identifier |
Example responses
200 Response
{
"scanning_app": "wvs",
"endpoint": "string",
"description": "string",
"worker_id": "ae5fa6f7-c55b-40c1-b40a-b36ac467652b",
"status": "offline",
"authorization": "pending",
"app_version": "string",
"license_status": "string",
"targets": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"notification_status": true
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Worker properties | Worker |
| default | Default | Error | ErrorDescriptionResponse |
delete_worker
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/workers/{worker_id} \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /workers/{worker_id}
Worker
Deletes a Worker
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| worker_id | path | string(uuid) | true | Worker unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Worker deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
delete_worker_ignore_errors
Code samples
# You can also use wget
curl -X DELETE https://127.0.0.1:3443/api/v1/workers/{worker_id}/ignore_errors \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
DELETE /workers/{worker_id}/ignore_errors
Worker
Ignores Errors for a Worker
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| worker_id | path | string(uuid) | true | Worker unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Resource deleted | None |
| default | Default | Error | ErrorDescriptionResponse |
authorize_worker
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/workers/{worker_id}/authorize \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /workers/{worker_id}/authorize
Authorize Worker
Authorizes a Worker
Body parameter
{}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | EmptyObject | true | none |
| worker_id | path | string(uuid) | true | Worker unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Worker authorization successful | None |
| default | Default | Error | ErrorDescriptionResponse |
reject_worker
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/workers/{worker_id}/reject \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /workers/{worker_id}/reject
Reject Worker
Rejects a Worker
Body parameter
{}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | EmptyObject | true | none |
| worker_id | path | string(uuid) | true | Worker unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Worker rejection successful | None |
| default | Default | Error | ErrorDescriptionResponse |
check_worker
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/workers/{worker_id}/check \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /workers/{worker_id}/check
Check Worker connection
Checks a Worker's connection
Body parameter
{}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | EmptyObject | true | none |
| worker_id | path | string(uuid) | true | Worker unique identifier |
Example responses
200 Response
{
"scanning_app": "wvs",
"endpoint": "string",
"description": "string",
"worker_id": "ae5fa6f7-c55b-40c1-b40a-b36ac467652b",
"status": "offline",
"authorization": "pending",
"app_version": "string",
"license_status": "string",
"targets": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"notification_status": true,
"max_scans": 0,
"current_scans": 0,
"status_extra": {}
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Worker connection successful | WorkerExtended |
| default | Default | Error | ErrorDescriptionResponse |
upgrade_worker
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/workers/{worker_id}/upgrade \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /workers/{worker_id}/upgrade
Upgrade Worker
Upgrade a Worker to main engine build number
Body parameter
{}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | EmptyObject | true | none |
| worker_id | path | string(uuid) | true | Worker unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Worker upgrade successful | None |
| default | Default | Error | ErrorDescriptionResponse |
rename_worker
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/workers/{worker_id}/rename \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /workers/{worker_id}/rename
Rename Worker
Renames a Worker
Body parameter
{
"description": "string"
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | WorkerDescription | true | none |
| worker_id | path | string(uuid) | true | Worker unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Worker renamed | None |
| default | Default | Error | ErrorDescriptionResponse |
get_workers_assigned_to_target
Code samples
# You can also use wget
curl -X GET https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/workers \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
GET /targets/{target_id}/configuration/workers
Target assigned Workers
Returns Workers assigned to a Target
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
200 Response
{
"workers": [
{
"scanning_app": "wvs",
"endpoint": "string",
"description": "string",
"worker_id": "ae5fa6f7-c55b-40c1-b40a-b36ac467652b",
"status": "offline",
"authorization": "pending",
"app_version": "string",
"license_status": "string",
"targets": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"notification_status": true
}
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 200 | OK | Workers assigned to Target | WorkerList |
| default | Default | Error | ErrorDescriptionResponse |
assign_workers_to_target
Code samples
# You can also use wget
curl -X POST https://127.0.0.1:3443/api/v1/targets/{target_id}/configuration/workers \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-Auth: API_KEY'
POST /targets/{target_id}/configuration/workers
Assign Workers to Target
Assigns Workers to a Target. Up to one Worker-type (web or network) can be assigned to a single Target
Body parameter
{
"worker_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Parameters
| Name | In | Type | Required | Description |
|---|---|---|---|---|
| body | body | WorkerIdList | true | none |
| target_id | path | string(uuid) | true | Target unique identifier |
Example responses
default Response
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Responses
| Status | Meaning | Description | Schema |
|---|---|---|---|
| 204 | No Content | Worker assigned to Target | None |
| default | Default | Error | ErrorDescriptionResponse |
Schemas
ReportTemplate
{
"name": "string",
"group": "string",
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"accepted_sources": [
"ignore_entry"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| name | string | false | none | Report Template name |
| group | string | false | none | none |
| template_id | string(uuid) | true | none | Report Template unique identifier |
| accepted_sources | [string] | false | none | none |
ScanningProfile
{
"name": "string",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"sort_order": 1000,
"custom": true,
"checks": [
"string"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| name | string | false | none | Scan Type (Scanning Profile) name |
| profile_id | string(uuid) | false | none | Scan Type (Scanning Profile) unique identifier |
| sort_order | integer | false | none | Sort order value |
| custom | boolean | false | none | Describes if the Scan Type (Scanning Profile) is user-editable (read only) |
| checks | [string] | true | none | Vulnerability test names obtained from /checks.json; array must contain names of checks which are NOT to be performed; if array contains the name of a group of checks, then the entire group of checks will NOT be performed; consider the example ["wvs/Scripts","wvs/httpdata/opensearch-httpdata.js"] - this will exclude the entire "wvs/Scripts" group of tests, and will also exclude the "wvs/httpdata/opensearch-httpdata.js" specific test. |
PaginationExt
{
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| count | integer | false | none | The number of elements given "q" (query/query_hash) |
| cursors | [string] | false | none | A list of cursor, current and known following cursors |
| cursor_hash | string | false | none | MD5 hash of the cursor, query and sorting generating this query. |
| sort | string | false | none | none |
TargetInfo
{
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"scan_authorization": {
"url": "string",
"content": "string"
},
"continuous_mode": true,
"last_scan_date": "2019-08-24",
"last_scan_id": "880bc00e-8f2f-43dc-9a1f-f6ff660d0521",
"last_scan_session_id": "338927ab-dbda-4b74-bf99-beabf49af8cc",
"last_scan_session_status": "string",
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"threat": 0,
"links": [
{
"rel": "string",
"href": "string"
}
],
"manual_intervention": true,
"verification": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| target_id | string(uuid) | false | none | Target unique identifier |
| scan_authorization | object | false | none | none |
| » url | string(url) | false | none | none |
| » content | string | false | none | none |
| continuous_mode | boolean | false | none | Continuous Mode enabled |
| last_scan_date | string(date) | false | none | Last date the Target was scanned on |
| last_scan_id | string(uuid) | false | none | Last Scan unique identifier for the Target |
| last_scan_session_id | string(uuid) | false | none | none |
| last_scan_session_status | string | false | none | none |
| severity_counts | SeverityCounts | false | none | none |
| threat | integer | false | none | none |
| links | [Link] | false | none | Target quick-access links (last scan, report) |
| manual_intervention | boolean | false | none | Target requires manual intervention |
| verification | string | false | none | The verification status of the target (none, auto, admin or demo) |
Target
{
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| address | string(host | url) | true | none |
| description | string | false | none | Target description |
| type | string | false | none | The type of the target (default, network or demo) |
| criticality | integer | false | none | Target criticality (Critical [30], High [20], Normal [10], Low [0]) |
| fqdn_status | string | false | read-only | none |
| fqdn_tm_hash | string | false | read-only | none |
| deleted_at | string(date-time | null) | false | read-only |
| fqdn | string | false | read-only | none |
| fqdn_hash | string | false | read-only | none |
| default_scanning_profile_id | string | false | read-only | none |
| agents | [TargetAgents] | false | read-only | none |
| default_overrides | object | false | read-only | none |
| » auth | string | false | none | none |
| » scan | string | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| type | default |
| type | demo |
| type | network |
| criticality | 30 |
| criticality | 20 |
| criticality | 10 |
| criticality | 0 |
TargetAgents
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| agent_id | string(uuid) | true | none | Agent ID |
| name | string(string) | false | none | none |
AddTargetsDescriptor
{
"targets": [
{
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
}
}
],
"groups": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| targets | [Target] | true | none | none |
| groups | [string] | false | none | none |
TargetItemResponseList
{
"targets": [
{
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
}
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| targets | [Target] | false | none | none |
TargetItemResponse
{
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
},
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"scan_authorization": {
"url": "string",
"content": "string"
},
"continuous_mode": true,
"last_scan_date": "2019-08-24",
"last_scan_id": "880bc00e-8f2f-43dc-9a1f-f6ff660d0521",
"last_scan_session_id": "338927ab-dbda-4b74-bf99-beabf49af8cc",
"last_scan_session_status": "string",
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"threat": 0,
"links": [
{
"rel": "string",
"href": "string"
}
],
"manual_intervention": true,
"verification": "string"
}
Properties
allOf
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | Target | false | none | none |
and
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | TargetInfo | false | none | none |
Schedule
{
"disable": true,
"time_sensitive": true,
"history_limit": 10,
"start_date": "string",
"recurrence": "string",
"triggerable": false
}
Defines the schedule for the when an event (e.g. a Scan) is to occur and at what frequency.
Example
Schedule event to occur on a weekly basis (FREQ=WEEKLY), on every
third week (INTERVAL=3) on a Thursday (BYDAY=TH)
"schedule":{
"disable":false,
"recurrence":"DTSTART:20180112T003000Z\nFREQ=WEEKLY;INTERVAL=3;BYDAY=TH",
"time_sensitive":true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| disable | boolean | false | none | Schedule is disabled |
| time_sensitive | boolean | false | none | Scan Schedule is time-sensitive |
| history_limit | integer(int32) | false | none | Number of Scans to retain for a Schedule |
| start_date | string(date-time | null) | false | none |
| recurrence | string(rrule) | false | none | Recurrence specification as described in RFC5545 (http://tools.ietf.org/html/rfc5545) |
| triggerable | boolean | false | none | none |
ScanInfo
{
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| status | string | false | none | Scan status (Scheduled, Processing, Aborted, Completed, Failed) |
| event_level | integer | false | none | none |
| severity_counts | SeverityCounts | false | none | none |
| progress | integer | false | none | Percentage of Scan progress complete |
| start_date | string(date) | false | none | Scan start date |
| threat | integer | false | none | none |
| scan_session_id | string(uuid) | false | none | none |
| acusensor | boolean | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| status | scheduled |
| status | queued |
| status | starting |
| status | processing |
| status | aborting |
| status | aborted |
| status | pausing |
| status | paused |
| status | completed |
| status | failed |
GenericScan
{
"user_authorized_to_scan": "yes",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"report_template_id": "e89ef7db-4101-4c97-b7ab-9249efd2d3cd",
"schedule": {
"disable": true,
"time_sensitive": true,
"history_limit": 10,
"start_date": "string",
"recurrence": "string",
"triggerable": false
},
"max_scan_time": 0,
"incremental": false,
"next_run": "2019-08-24"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| user_authorized_to_scan | string | false | none | Only applies for the online version |
| profile_id | string(uuid) | true | none | Profile ID |
| report_template_id | string(uuid) | false | none | none |
| schedule | Schedule | true | none | Defines the schedule for the when an event (e.g. a Scan) is to occur and at what frequency. ##### Example Schedule event to occur on a weekly basis ( FREQ=WEEKLY), on everythird week ( INTERVAL=3) on a Thursday (BYDAY=TH) |
| max_scan_time | integer | false | none | none |
| incremental | boolean | false | none | none |
| next_run | string(date) | false | read-only | Next scheduled Scan date |
Enumerated Values
| Property | Value |
|---|---|
| user_authorized_to_scan | yes |
Scan
{
"user_authorized_to_scan": "yes",
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"report_template_id": "e89ef7db-4101-4c97-b7ab-9249efd2d3cd",
"schedule": {
"disable": true,
"time_sensitive": true,
"history_limit": 10,
"start_date": "string",
"recurrence": "string",
"triggerable": false
},
"max_scan_time": 0,
"incremental": false,
"next_run": "2019-08-24"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| user_authorized_to_scan | string | false | none | Only applies for the online version |
| target_id | string(uuid) | true | none | Scan target's ID |
| profile_id | string(uuid) | true | none | Scanning profile (e.g. "Crawl Only", "Full Scan") ID. Note: Custom scanning profiles may have randomized IDs ---- List of built-in scanning profiles: - Full Scan: 11111111-1111-1111-1111-111111111111 - Critical / High Risk Vulnerabilities: 11111111-1111-1111-1111-111111111112 - Cross-site Scripting Vulnerabilities: 11111111-1111-1111-1111-111111111116 - SQL Injection Vulnerabilities: 11111111-1111-1111-1111-111111111113 - Weak Passwords: 11111111-1111-1111-1111-111111111115 - Crawl Only: 11111111-1111-1111-1111-111111111117 |
| report_template_id | string(uuid) | false | none | Report Template (e.g. "Developer Report", "OWASP Top 10 2017") ID ---- List of built-in report templates and their IDs: - Developer: 11111111-1111-1111-1111-111111111111 - Quick: 11111111-1111-1111-1111-111111111112 - Executive Summary: 11111111-1111-1111-1111-111111111113 - HIPAA: 11111111-1111-1111-1111-111111111114 - Affected Items: 11111111-1111-1111-1111-111111111115 - Scan Comparison: 11111111-1111-1111-1111-111111111124 - CWE 2011: 11111111-1111-1111-1111-111111111116 - ISO 27001: 11111111-1111-1111-1111-111111111117 - NIST SP800 53: 11111111-1111-1111-1111-111111111118 - OWASP Top 10 2013: 11111111-1111-1111-1111-111111111119 - OWASP Top 10 2017: 11111111-1111-1111-1111-111111111125 - PCI DSS 3.2: 11111111-1111-1111-1111-111111111120 - Sarbanes Oxley: 11111111-1111-1111-1111-111111111121 - STIG DISA: 11111111-1111-1111-1111-111111111122 - WASC Threat Classification: 11111111-1111-1111-1111-111111111123 |
| schedule | Schedule | true | none | Defines the schedule for the when an event (e.g. a Scan) is to occur and at what frequency. ##### Example Schedule event to occur on a weekly basis ( FREQ=WEEKLY), on everythird week ( INTERVAL=3) on a Thursday (BYDAY=TH) |
| max_scan_time | integer | false | none | none |
| incremental | boolean | false | none | none |
| next_run | string(date) | false | read-only | Next scheduled Scan date |
Enumerated Values
| Property | Value |
|---|---|
| user_authorized_to_scan | yes |
ScanSessionStatus
{
"current_session": {
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
},
"previous_session": {
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| current_session | ScanInfo | false | none | none |
| previous_session | ScanInfo | false | none | none |
ScanItemResponse
{
"user_authorized_to_scan": "yes",
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"report_template_id": "e89ef7db-4101-4c97-b7ab-9249efd2d3cd",
"schedule": {
"disable": true,
"time_sensitive": true,
"history_limit": 10,
"start_date": "string",
"recurrence": "string",
"triggerable": false
},
"max_scan_time": 0,
"incremental": false,
"next_run": "2019-08-24",
"current_session": {
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
},
"previous_session": {
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
},
"target": {
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
}
},
"criticality": 0,
"profile_name": "string",
"scan_id": "9a59f0f5-5572-476d-a7fc-c960ef43a5af",
"start_date": "2019-08-24T14:15:22Z",
"manual_intervention": true
}
Properties
allOf
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | Scan | false | none | none |
and
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | ScanSessionStatus | false | none | none |
and
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | none |
| » target | Target | false | none | none |
| » criticality | integer | false | none | none |
| » profile_name | string | false | none | Scanning Profile name |
| » scan_id | string(uuid) | false | none | Scan unique identifier |
| » start_date | string(date-time) | false | none | Scan start date |
| » manual_intervention | boolean | false | none | Scan has manual intervention |
ScanListResponse
{
"scans": [
{
"user_authorized_to_scan": "yes",
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"report_template_id": "e89ef7db-4101-4c97-b7ab-9249efd2d3cd",
"schedule": {
"disable": true,
"time_sensitive": true,
"history_limit": 10,
"start_date": "string",
"recurrence": "string",
"triggerable": false
},
"max_scan_time": 0,
"incremental": false,
"next_run": "2019-08-24",
"current_session": {
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
},
"previous_session": {
"status": "scheduled",
"event_level": 0,
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"progress": 100,
"start_date": "2019-08-24",
"threat": 0,
"scan_session_id": "a59b845e-cdb0-42cc-a137-8283888038d3",
"acusensor": true
},
"target": {
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
}
},
"criticality": 0,
"profile_name": "string",
"scan_id": "9a59f0f5-5572-476d-a7fc-c960ef43a5af",
"start_date": "2019-08-24T14:15:22Z",
"manual_intervention": true
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Paginated list of Scans
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| scans | [ScanItemResponse] | false | none | none |
| pagination | PaginationExt | false | none | none |
ContinuousScanItemResponse
{
"start_date": "2019-08-24",
"end_date": "2019-08-24",
"scan_type": "string",
"status": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| start_date | string(date) | false | none | none |
| end_date | string(date) | false | none | none |
| scan_type | string | false | none | none |
| status | string | false | none | none |
ContinuousScanListResponse
{
"scans": [
{
"start_date": "2019-08-24",
"end_date": "2019-08-24",
"scan_type": "string",
"status": "string"
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Paginated list of Continuous Scans
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| scans | [ContinuousScanItemResponse] | false | none | none |
| pagination | PaginationExt | false | none | none |
OperationStats
{
"operation_name": "string",
"number_of_runs": 0,
"total_duration": 0,
"average_duration": 0
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| operation_name | string | false | none | none |
| number_of_runs | integer | false | none | none |
| total_duration | integer | false | none | none |
| average_duration | integer | false | none | none |
LocationStats
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| location_name | string | false | none | none |
| number_of_requests | integer | false | none | none |
| total_duration | integer | false | none | none |
| average_duration | integer | false | none | none |
HostStatistics
{
"host": "string",
"aborted": "string",
"aborted_reason": "string",
"external_hosts": [
"string"
],
"is_starting_host": true,
"sensor_detected": true,
"target_info": {
"os": "string",
"responsive": true,
"server": "string",
"technologies": [
"string"
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| host | string(url) | false | none | none |
| aborted | string(generic | null) | false | none |
| aborted_reason | string(generic | null) | false | none |
| external_hosts | [string] | false | none | none |
| is_starting_host | boolean | false | none | none |
| sensor_detected | boolean | false | none | none |
| target_info | object | false | none | none |
| » os | string | false | none | none |
| » responsive | boolean | false | none | none |
| » server | string | false | none | none |
| » technologies | [string] | false | none | none |
| » web_scan_status | object | false | none | none |
| »» avg_response_time | integer | false | none | none |
| »» locations | integer | false | none | none |
| »» max_response_time | integer | false | none | none |
| »» request_count | integer | false | none | none |
ScanningAppStatistics
{
"abort_requested": true,
"start_date": "string",
"end_date": "string",
"end_deadline": "string",
"event_level": 0,
"main": {
"start_date": "string",
"duration": 0,
"status": "string",
"progress": 0,
"messages": [
{
"kind": "string",
"data": "string",
"time": "string",
"level": "string",
"target_info": {
"host": "string",
"target_id": "string"
}
}
],
"status_statistics": {
"operationStatsByRun": [
{
"operation_name": "string",
"number_of_runs": 0,
"total_duration": 0,
"average_duration": 0
}
],
"operationStatsByTotalDuration": [
{
"operation_name": "string",
"number_of_runs": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByRequest": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByAvgDuration": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByTotalDuration": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
]
},
"vulns": [
{
"name": "string",
"time": "string",
"vuln_id": "string",
"severity": 0,
"target_info": {
"host": "string",
"target_id": "string"
}
}
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
},
"hosts": {
"property1": {
"host": "string",
"aborted": "string",
"aborted_reason": "string",
"external_hosts": [
"string"
],
"is_starting_host": true,
"sensor_detected": true,
"target_info": {
"os": "string",
"responsive": true,
"server": "string",
"technologies": [
"string"
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
}
},
"property2": {
"host": "string",
"aborted": "string",
"aborted_reason": "string",
"external_hosts": [
"string"
],
"is_starting_host": true,
"sensor_detected": true,
"target_info": {
"os": "string",
"responsive": true,
"server": "string",
"technologies": [
"string"
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
}
}
},
"build": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| abort_requested | boolean | false | none | none |
| start_date | string | false | none | none |
| end_date | string | false | none | none |
| end_deadline | string | false | none | none |
| event_level | integer | false | none | none |
| main | object | false | none | none |
| » start_date | string | false | none | none |
| » duration | integer | false | none | none |
| » status | string | false | none | none |
| » progress | integer | false | none | none |
| » messages | [object] | false | none | none |
| »» kind | string | false | none | none |
| »» data | string | false | none | none |
| »» time | string | false | none | none |
| »» level | string | false | none | none |
| »» target_info | object | false | none | none |
| »»» host | string | false | none | none |
| »»» target_id | string | false | none | none |
| » status_statistics | object | false | none | none |
| »» operationStatsByRun | [OperationStats] | false | none | none |
| »» operationStatsByTotalDuration | [OperationStats] | false | none | none |
| »» locationStatsByRequest | [LocationStats] | false | none | none |
| »» locationStatsByAvgDuration | [LocationStats] | false | none | none |
| »» locationStatsByTotalDuration | [LocationStats] | false | none | none |
| » vulns | [object] | false | none | none |
| »» name | string | false | none | none |
| »» time | string | false | none | none |
| »» vuln_id | string | false | none | none |
| »» severity | integer | false | none | none |
| »» target_info | object | false | none | none |
| »»» host | string | false | none | none |
| »»» target_id | string | false | none | none |
| » web_scan_status | object | false | none | none |
| »» avg_response_time | integer | false | none | none |
| »» locations | integer | false | none | none |
| »» max_response_time | integer | false | none | none |
| »» request_count | integer | false | none | none |
| hosts | object | false | none | none |
| » additionalProperties | HostStatistics | false | none | none |
| build | string | false | none | none |
ScanStatistics
{
"status": "scheduled",
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"scanning_app": {
"wvs": {
"abort_requested": true,
"start_date": "string",
"end_date": "string",
"end_deadline": "string",
"event_level": 0,
"main": {
"start_date": "string",
"duration": 0,
"status": "string",
"progress": 0,
"messages": [
{
"kind": "string",
"data": "string",
"time": "string",
"level": "string",
"target_info": {
"host": "string",
"target_id": "string"
}
}
],
"status_statistics": {
"operationStatsByRun": [
{
"operation_name": "string",
"number_of_runs": 0,
"total_duration": 0,
"average_duration": 0
}
],
"operationStatsByTotalDuration": [
{
"operation_name": "string",
"number_of_runs": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByRequest": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByAvgDuration": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByTotalDuration": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
]
},
"vulns": [
{
"name": "string",
"time": "string",
"vuln_id": "string",
"severity": 0,
"target_info": {
"host": "string",
"target_id": "string"
}
}
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
},
"hosts": {
"property1": {
"host": "string",
"aborted": "string",
"aborted_reason": "string",
"external_hosts": [
"string"
],
"is_starting_host": true,
"sensor_detected": true,
"target_info": {
"os": "string",
"responsive": true,
"server": "string",
"technologies": [
"string"
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
}
},
"property2": {
"host": "string",
"aborted": "string",
"aborted_reason": "string",
"external_hosts": [
"string"
],
"is_starting_host": true,
"sensor_detected": true,
"target_info": {
"os": "string",
"responsive": true,
"server": "string",
"technologies": [
"string"
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
}
}
},
"build": "string"
},
"ovas": {
"abort_requested": true,
"start_date": "string",
"end_date": "string",
"end_deadline": "string",
"event_level": 0,
"main": {
"start_date": "string",
"duration": 0,
"status": "string",
"progress": 0,
"messages": [
{
"kind": "string",
"data": "string",
"time": "string",
"level": "string",
"target_info": {
"host": "string",
"target_id": "string"
}
}
],
"status_statistics": {
"operationStatsByRun": [
{
"operation_name": "string",
"number_of_runs": 0,
"total_duration": 0,
"average_duration": 0
}
],
"operationStatsByTotalDuration": [
{
"operation_name": "string",
"number_of_runs": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByRequest": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByAvgDuration": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
],
"locationStatsByTotalDuration": [
{
"location_name": "string",
"number_of_requests": 0,
"total_duration": 0,
"average_duration": 0
}
]
},
"vulns": [
{
"name": "string",
"time": "string",
"vuln_id": "string",
"severity": 0,
"target_info": {
"host": "string",
"target_id": "string"
}
}
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
},
"hosts": {
"property1": {
"host": "string",
"aborted": "string",
"aborted_reason": "string",
"external_hosts": [
"string"
],
"is_starting_host": true,
"sensor_detected": true,
"target_info": {
"os": "string",
"responsive": true,
"server": "string",
"technologies": [
"string"
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
}
},
"property2": {
"host": "string",
"aborted": "string",
"aborted_reason": "string",
"external_hosts": [
"string"
],
"is_starting_host": true,
"sensor_detected": true,
"target_info": {
"os": "string",
"responsive": true,
"server": "string",
"technologies": [
"string"
],
"web_scan_status": {
"avg_response_time": 0,
"locations": 0,
"max_response_time": 0,
"request_count": 0
}
}
}
},
"build": "string"
}
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| status | string | false | none | none |
| severity_counts | SeverityCounts | false | none | none |
| scanning_app | object | false | none | none |
| » wvs | ScanningAppStatistics | false | none | none |
| » ovas | ScanningAppStatistics | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| status | scheduled |
| status | queued |
| status | starting |
| status | processing |
| status | completed |
| status | aborting |
| status | aborted |
| status | failed |
| status | pausing |
| status | paused |
| status | resuming |
VulnerabilityTypeDetails
{
"description": "string",
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"cvss_score": 0,
"cvss4_score": 0,
"impact": "string",
"recommendation": "string",
"long_description": "string",
"references": [
{
"rel": "string",
"href": "string"
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| description | string | false | none | Vulnerability Type description |
| cvss2 | string | false | none | Vulnerability Type CVSS v2.0 vector string |
| cvss3 | string | false | none | Vulnerability Type CVSS v3.0 vector string |
| cvss4 | string | false | none | Vulnerability Type CVSS v4.0 vector string |
| cvss_score | number | false | none | Score is based on the highest CVSS version known for the vulnerability from 2.0 to 3.1 |
| cvss4_score | number | false | none | CVSS 4.0 score |
| impact | string | false | none | Vulnerability Type security impact |
| recommendation | string | false | none | Vulnerability Type remediation recommendation |
| long_description | string | false | none | Vulnerability Type long description |
| references | [Link] | false | none | Vulnerability Type references and resources |
VulnerabilityType
{
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"name": "string",
"severity": 0,
"tags": [
"string"
],
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"app": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| vt_id | string(uuid) | false | none | Vulnerability Type unique identifier |
| name | string | false | none | Vulnerability Type name |
| severity | integer | false | none | Vulnerability Type severity |
| tags | [string] | false | none | Vulnerability Type tags |
| cvss2 | string(cvss) | false | none | Vulnerability Type CVSS v2.0 vector string |
| cvss3 | string(cvss) | false | none | Vulnerability Type CVSS v3.0 vector string |
| cvss4 | string(cvss) | false | none | Vulnerability Type CVSS v4.0 vector string |
| app | string | false | none | Scanner identifier |
VulnerabilityGroupsResponse
{
"items": [
{
"id": "string",
"name": "string",
"data": {},
"count": 0,
"last_seen": "string"
}
]
}
Vulnerabilities Grouped
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| items | [VulnerabilityGroupItem] | false | none | none |
VulnerabilityGroupItem
{
"id": "string",
"name": "string",
"data": {},
"count": 0,
"last_seen": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| id | string | false | none | none |
| name | string | false | none | none |
| data | object | false | none | none |
| count | integer | false | none | none |
| last_seen | string | false | none | none |
VulnerabilityTypeTargetsCountResponse
{
"vulnerability_types": [
{
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"name": "string",
"severity": 0,
"tags": [
"string"
],
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"app": "string",
"count": 0,
"criticality": 0
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
List of Vulnerability Types found with counts
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| vulnerability_types | [VulnerabilityTypeTargetsCountResponseItem] | false | none | none |
| pagination | PaginationExt | false | none | none |
VulnerabilityTypeTargetsCountResponseItem
{
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"name": "string",
"severity": 0,
"tags": [
"string"
],
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"app": "string",
"count": 0,
"criticality": 0
}
Properties
allOf
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | VulnerabilityType | false | none | none |
and
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | none |
| » count | integer | false | none | none |
| » criticality | integer | false | none | Vulnerability Type criticality score |
VulnerabilityTypeSessionsCountResponse
{
"vulnerability_types": [
{
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"name": "string",
"severity": 0,
"tags": [
"string"
],
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"app": "string",
"count": 0
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| vulnerability_types | [VulnerabilityTypeSessionsCountResponseItem] | false | none | Count of Vulnerability Types found |
| pagination | PaginationExt | false | none | none |
VulnerabilityTypeSessionsCountResponseItem
{
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"name": "string",
"severity": 0,
"tags": [
"string"
],
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"app": "string",
"count": 0
}
Properties
allOf
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | VulnerabilityType | false | none | none |
and
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | none |
| » count | integer | false | none | none |
Vulnerability
{
"status": "fixed",
"comment": "string",
"target_description": "string",
"vuln_id": "string",
"target_vuln_id": "string",
"issue_id": "string",
"issue_tracker_id": "string",
"issue_url": "string",
"vt_name": "string",
"criticality": 0,
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"affects_detail": "string",
"affects_url": "string",
"source": "string",
"loc_id": 0,
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"first_seen": "2019-08-24",
"last_seen": "2019-08-24",
"severity": 0,
"tags": [
"string"
],
"continuous": true,
"confidence": 0,
"vt_created": "string",
"vt_updated": "string",
"app": "string",
"archived": true
}
Properties
allOf
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | VulnerabilityStatus | false | none | none |
and
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | none |
| » target_description | string | false | none | The affected target description |
| » vuln_id | string | false | none | Vulnerability unique identifier |
| » target_vuln_id | string | false | none | Target vulnerability unique identifier (for scan session vuln view only) |
| » issue_id | string | false | none | none |
| » issue_tracker_id | string | false | none | none |
| » issue_url | string | false | none | Link to the vulnerability created in the configured issue tracker |
| » vt_name | string | false | none | Vulnerability Type name |
| » criticality | integer | false | none | Vulnerability criticality |
| » vt_id | string(uuid) | false | none | Vulnerability Type unique identifier |
| » affects_detail | string | false | none | Vulnerability input |
| » affects_url | string | false | none | Vulnerability URL |
| » source | string | false | none | Who detected the vulnerability |
| » loc_id | integer | false | none | none |
| » target_id | string(uuid) | false | none | Target unique identifier |
| » first_seen | string(date) | false | none | Date Vulnerability was first found |
| » last_seen | string(date) | false | none | Date Vulnerability was last found |
| » severity | integer | false | none | Vulnerability Type severity |
| » tags | [string] | false | none | Vulnerability Type tags |
| » continuous | boolean | false | none | Continuous Scan |
| » confidence | integer | false | none | none |
| » vt_created | string(date-time | null) | false | none |
| » vt_updated | string(date-time | null) | false | none |
| » app | string | false | none | none |
| » archived | boolean | false | none | none |
VulnerabilityStatus
{
"status": "fixed",
"comment": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| status | string | true | none | Vulnerability Status (Fixed, Ignored, Open, False Positive) |
| comment | string | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| status | fixed |
| status | ignored |
| status | open |
| status | false_positive |
VulnerabilityDetails
{
"status": "fixed",
"comment": "string",
"target_description": "string",
"vuln_id": "string",
"target_vuln_id": "string",
"issue_id": "string",
"issue_tracker_id": "string",
"issue_url": "string",
"vt_name": "string",
"criticality": 0,
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"affects_detail": "string",
"affects_url": "string",
"source": "string",
"loc_id": 0,
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"first_seen": "2019-08-24",
"last_seen": "2019-08-24",
"severity": 0,
"tags": [
"string"
],
"continuous": true,
"confidence": 0,
"vt_created": "string",
"vt_updated": "string",
"app": "string",
"archived": true,
"description": "string",
"cvss2": "string",
"cvss3": "string",
"cvss4": "string",
"cvss_score": 0,
"cvss4_score": 0,
"impact": "string",
"recommendation": "string",
"long_description": "string",
"references": [
{
"rel": "string",
"href": "string"
}
],
"details": "string",
"request": "string",
"response_info": "string",
"highlights": [
{
"index": 0,
"length": 0,
"in": "string"
}
]
}
Properties
allOf
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | Vulnerability | false | none | none |
and
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | VulnerabilityTypeDetails | false | none | none |
and
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | none |
| » details | string | false | none | Details dictionary used for obtaining a description on how the alert was found |
| » request | string(binary) | false | none | none |
| » response_info | string | false | none | none |
| » highlights | [object] | false | none | none |
| »» index | integer | false | none | none |
| »» length | integer | false | none | none |
| »» in | string | false | none | none |
VulnerabilityListResponse
{
"vulnerabilities": [
{
"status": "fixed",
"comment": "string",
"target_description": "string",
"vuln_id": "string",
"target_vuln_id": "string",
"issue_id": "string",
"issue_tracker_id": "string",
"issue_url": "string",
"vt_name": "string",
"criticality": 0,
"vt_id": "2f7d0267-c402-4b34-84d9-74f7d7796a96",
"affects_detail": "string",
"affects_url": "string",
"source": "string",
"loc_id": 0,
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"first_seen": "2019-08-24",
"last_seen": "2019-08-24",
"severity": 0,
"tags": [
"string"
],
"continuous": true,
"confidence": 0,
"vt_created": "string",
"vt_updated": "string",
"app": "string",
"archived": true
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| vulnerabilities | [Vulnerability] | true | none | Vulnerabilities list |
| pagination | PaginationExt | false | none | none |
Link
{
"rel": "string",
"href": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| rel | string | true | none | Name or type of relation |
| href | string(url) | true | none | Location of related item |
SeverityCounts
{
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| critical | integer | false | none | Critical-severity Vulnerability count |
| high | integer | false | none | High-severity Vulnerability count |
| medium | integer | false | none | Medium-severity Vulnerability count |
| low | integer | false | none | Low-severity Vulnerability count |
| info | integer | false | none | Informational Alert count |
TechnologyVersion
{
"start": "string",
"end": "string",
"cvss_score": 0
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| start | string | false | none | none |
| end | string | false | none | none |
| cvss_score | number | false | none | none |
UpgradeVersion
{
"version": "string",
"cvss_score": 0
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| version | string | false | none | none |
| cvss_score | number | false | none | none |
Technology
{
"tech_id": "string",
"name": "string",
"description": "string",
"type": "string",
"link": "string",
"outdated": true,
"loc_id": 0,
"loc_url": "string",
"detected_version": {
"start": "string",
"end": "string",
"cvss_score": 0
},
"branch_upgrade": {
"version": "string",
"cvss_score": 0
},
"upgrade": {
"version": "string",
"cvss_score": 0
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| tech_id | string | false | none | none |
| name | string | false | none | none |
| description | string | false | none | none |
| type | string | false | none | none |
| link | string | false | none | none |
| outdated | boolean | false | none | none |
| loc_id | integer | false | none | none |
| loc_url | string | false | none | none |
| detected_version | TechnologyVersion | false | none | none |
| branch_upgrade | UpgradeVersion | false | none | none |
| upgrade | UpgradeVersion | false | none | none |
TechnologiesListResponse
{
"technologies": [
{
"tech_id": "string",
"name": "string",
"description": "string",
"type": "string",
"link": "string",
"outdated": true,
"loc_id": 0,
"loc_url": "string",
"detected_version": {
"start": "string",
"end": "string",
"cvss_score": 0
},
"branch_upgrade": {
"version": "string",
"cvss_score": 0
},
"upgrade": {
"version": "string",
"cvss_score": 0
}
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| technologies | [Technology] | false | none | List of technologies |
| pagination | PaginationExt | false | none | none |
UserCredentials
{
"enabled": false,
"username": "string",
"password": "string",
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| enabled | boolean | false | none | User account is enabled |
| username | string | false | none | User account username |
| password | string | false | none | User account password hash |
| url | string(url) | false | none | URL |
SiteLogin
{
"kind": "none",
"credentials": {
"enabled": false,
"username": "string",
"password": "string",
"url": "string"
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| kind | string | true | none | Form Authentication method (None, Automatic, Sequence) |
| credentials | UserCredentials | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| kind | none |
| kind | automatic |
| kind | sequence |
| kind | oauth |
CustomCookies
{
"cookie": "string",
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| cookie | string | false | none | Custom Cookies value |
| url | string(url) | false | none | Custom Cookies URL |
TargetGroupsListResponse
{
"groups": [
{
"group_id": "306db4e0-7449-4501-b76f-075576fe2d8f",
"name": "string",
"target_count": 0,
"description": "string",
"vuln_count": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| groups | [TargetGroup] | false | none | none |
| pagination | PaginationExt | false | none | none |
TargetGroup
{
"group_id": "306db4e0-7449-4501-b76f-075576fe2d8f",
"name": "string",
"target_count": 0,
"description": "string",
"vuln_count": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| group_id | string(uuid) | false | none | Target Group unique identifier |
| name | string | true | none | Target Group name |
| target_count | integer | false | none | Target Group Target count |
| description | string | false | none | none |
| vuln_count | SeverityCounts | false | none | none |
IssueTrackerAuth
{
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| kind | string | true | none | Issue Tracker authentication method |
| user | string | false | none | Issue Tracker Username |
| password | string | false | none | Issue Tracker Password |
| consumer_key | string | false | none | none |
| private_key | string | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| kind | cookie |
| kind | http_basic |
| kind | ntlm |
| kind | http_basic_token |
| kind | oauth |
| kind | impersonation_http_basic_token |
IssueTrackerCollections
{
"collections": [
{
"collection_name": "string"
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| collections | [IssueTrackerCollection] | false | none | none |
IssueTrackerCollection
{
"collection_name": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| collection_name | string | false | none | The name of the collection |
IssueTrackerCustomFields
{
"custom_fields": [
{
"custom_field_name": "string",
"custom_field_id": "string"
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| custom_fields | [IssueTrackerCustomField] | false | none | none |
IssueTrackerCustomField
{
"custom_field_name": "string",
"custom_field_id": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| custom_field_name | string | false | none | The name of the custom field |
| custom_field_id | string | false | none | The id of the custom field |
IssueTrackerProject
{
"project_id": "string",
"project_name": "string",
"project_key": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| project_id | string | false | none | The id of the project |
| project_name | string | false | none | The name of the project |
| project_key | string | false | none | The key of the project |
IssueTrackerIssueType
{
"issue_id": "string",
"issue_name": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| issue_id | string | false | none | The id of the issue type |
| issue_name | string | false | none | The name of the issue type |
IssueTrackerConfig
{
"platform": "github",
"url": "string",
"collection": {
"collection_name": "string"
},
"project": {
"project_id": "string",
"project_name": "string",
"project_key": "string"
},
"issue_type": {
"issue_id": "string",
"issue_name": "string"
},
"auth": {
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
},
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"access_from_any_groups": true,
"groups_access": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tags": [
"string"
],
"labels": [
"string"
],
"custom_fields": [
{
"id": "string",
"value": "string",
"name": "string"
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| platform | string | true | none | Issue Tracker Type |
| url | string(url) | true | none | Issue Tracker URL |
| collection | IssueTrackerCollection | false | none | none |
| project | IssueTrackerProject | false | none | none |
| issue_type | IssueTrackerIssueType | false | none | none |
| auth | IssueTrackerAuth | true | none | none |
| proxy | object | false | none | none |
| » proxy_type | string | false | none | none |
| » settings | ProxySettings | false | none | System proxy settings |
| access_from_any_groups | boolean | false | none | none |
| groups_access | [string] | false | none | none |
| tags | [string] | false | none | none |
| labels | [string] | false | none | none |
| custom_fields | [object] | false | none | none |
| » id | string | false | none | none |
| » value | string | true | none | none |
| » name | string | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| platform | github |
| platform | jira |
| platform | tfs |
| platform | gitlab |
| platform | bugzilla |
| platform | mantis |
| platform | azureservice |
| proxy_type | system |
| proxy_type | no_proxy |
| proxy_type | custom |
IssueTrackerConnectionStatus
{
"success": true,
"message": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| success | boolean | false | none | Issue Tracker status |
| message | string | false | none | Issue Tracker message |
IssueTrackerProjects
{
"projects": [
"string"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| projects | [string] | false | none | Issue Tracker projects |
IssueTrackerIssueTypes
{
"issue_types": [
"string"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| issue_types | [string] | false | none | none |
IssueTrackerEntry
{
"platform": "github",
"url": "string",
"collection": {
"collection_name": "string"
},
"project": {
"project_id": "string",
"project_name": "string",
"project_key": "string"
},
"issue_type": {
"issue_id": "string",
"issue_name": "string"
},
"auth": {
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
},
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"access_from_any_groups": true,
"groups_access": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tags": [
"string"
],
"labels": [
"string"
],
"custom_fields": [
{
"id": "string",
"value": "string",
"name": "string"
}
],
"issue_tracker_id": "a9056f4a-c5f7-4843-a8df-4988763cb8a4",
"name": "string"
}
Properties
allOf
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | IssueTrackerConfig | false | none | none |
and
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | none |
| » issue_tracker_id | string(uuid) | false | none | none |
| » name | string | false | none | none |
IssueTrackerList
{
"issue_trackers": [
{
"platform": "github",
"url": "string",
"collection": {
"collection_name": "string"
},
"project": {
"project_id": "string",
"project_name": "string",
"project_key": "string"
},
"issue_type": {
"issue_id": "string",
"issue_name": "string"
},
"auth": {
"kind": "cookie",
"user": "string",
"password": "string",
"consumer_key": "string",
"private_key": "string"
},
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"access_from_any_groups": true,
"groups_access": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tags": [
"string"
],
"labels": [
"string"
],
"custom_fields": [
{
"id": "string",
"value": "string",
"name": "string"
}
],
"issue_tracker_id": "a9056f4a-c5f7-4843-a8df-4988763cb8a4",
"name": "string"
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| issue_trackers | [IssueTrackerEntry] | false | none | none |
TargetConfiguration
{
"description": "Target configuration default values",
"limit_crawler_scope": true,
"login": {
"kind": "none"
},
"sensor": false,
"ssh_credentials": {
"kind": "none"
},
"proxy": {
"enabled": false
},
"authentication": {
"enabled": false
},
"client_certificate_password": "",
"scan_speed": "fast",
"case_sensitive": "auto",
"technologies": [],
"custom_headers": [],
"custom_cookies": [],
"excluded_paths": [],
"user_agent": "",
"debug": false
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| issue_tracker_id | string(uuid | empty) | false | none |
| plugin_instance_id | string(uuid | empty) | false | none |
| limit_crawler_scope | boolean | false | none | Limit crawling to Target URI and sub-directories only |
| login | SiteLogin | false | none | none |
| sensor | boolean | false | none | AcuSensor configured |
| sensor_secret | string | false | none | AcuSensor secret |
| ssh_credentials | SSHCredentials | false | none | none |
| proxy | ProxySettings | false | none | System proxy settings |
| authentication | UserCredentials | false | none | none |
| otp | OtpSettings | false | none | Otp settings |
| client_certificate_password | string | false | none | Client Certificate password |
| client_certificate_url | string(url | null | empty) | false |
| scan_speed | string | false | none | HTTP request send rate (Fast, Moderate, Slow, Sequential) |
| case_sensitive | string | false | none | Case-sensitive crawling |
| technologies | [string] | false | none | Technologies enumerated |
| custom_headers | [string] | false | none | Custom HTTP headers set |
| custom_cookies | [CustomCookies] | false | none | Custom cookies set |
| excluded_paths | [string] | false | none | Paths excluded from the Scan scope |
| user_agent | string | false | none | User-agent string set |
| debug | boolean | false | none | Debug mode |
| excluded_hours_id | string(uuid | empty | null) | false |
| ad_blocker | boolean | false | none | none |
| restrict_scans_to_import_files | boolean | false | none | none |
| default_scanning_profile_id | string(uuid | null | empty) | false |
| preseed_mode | string | false | none | none |
| skip_login_form | boolean | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| scan_speed | fast |
| scan_speed | moderate |
| scan_speed | slow |
| scan_speed | sequential |
| scan_speed | slower |
| case_sensitive | yes |
| case_sensitive | no |
| case_sensitive | auto |
ReportSource
{
"description": "string",
"list_type": "all_vulnerabilities",
"id_list": [
"string"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| description | string | false | none | none |
| list_type | string | true | none | none |
| id_list | [string] | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| list_type | all_vulnerabilities |
| list_type | targets |
| list_type | groups |
| list_type | scans |
| list_type | scan_result |
| list_type | vulnerabilities |
| list_type | scan_vulnerabilities |
| list_type | scan_pair |
| list_type | scan_result_pair |
ExportSource
{
"list_type": "all_vulnerabilities",
"id_list": [
"string"
],
"waf_id": "dafe8a13-3639-429c-8247-c6f23cadf413",
"waf_name": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| list_type | string | true | none | none |
| id_list | [string] | false | none | none |
| waf_id | string(uuid) | false | none | none |
| waf_name | string | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| list_type | all_vulnerabilities |
| list_type | targets |
| list_type | groups |
| list_type | scans |
| list_type | scan_result |
| list_type | vulnerabilities |
| list_type | scan_vulnerabilities |
| list_type | scan_pair |
| list_type | scan_result_pair |
ExportType
{
"name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"content_type": "string",
"accepted_sources": [
"all_vulnerabilities"
],
"export_id": "a9a55f8d-48b1-4a5b-a88e-c41b0cd75102",
"upload": true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| name | string | false | none | none |
| id | string(uuid) | false | none | none |
| content_type | string | false | none | none |
| accepted_sources | [string] | false | none | none |
| export_id | string(uuid) | true | none | none |
| upload | boolean | false | none | none |
ExportTypesList
{
"templates": [
{
"name": "string",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"content_type": "string",
"accepted_sources": [
"all_vulnerabilities"
],
"export_id": "a9a55f8d-48b1-4a5b-a88e-c41b0cd75102",
"upload": true
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| templates | [ExportType] | false | none | none |
ExcludedPathListUpdate
{
"add": {
"excluded_paths": [
"string"
]
},
"delete": {
"excluded_paths": [
"string"
]
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| add | ExcludedPathList | false | none | none |
| delete | ExcludedPathList | false | none | none |
ExcludedPathList
{
"excluded_paths": [
"string"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| excluded_paths | [string] | false | none | Paths excluded from the Scan scope |
NewExport
{
"export_id": "a9a55f8d-48b1-4a5b-a88e-c41b0cd75102",
"source": {
"list_type": "all_vulnerabilities",
"id_list": [
"string"
],
"waf_id": "dafe8a13-3639-429c-8247-c6f23cadf413",
"waf_name": "string"
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| export_id | string(uuid) | true | none | none |
| source | ExportSource | true | none | none |
NewReport
{
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"source": {
"description": "string",
"list_type": "all_vulnerabilities",
"id_list": [
"string"
]
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| template_id | string(uuid) | true | none | none |
| source | ReportSource | true | none | none |
CrawlLocation
{
"loc_id": 0,
"name": "string",
"path": "string",
"loc_type": "file",
"source_id": 0,
"parent_id": 0,
"tags": "string",
"fragments": "string",
"excluded": true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| loc_id | integer | false | none | Crawl location unique identifier |
| name | string | false | none | Crawl location name |
| path | string | false | none | Crawl location path |
| loc_type | string | false | none | Crawl location type (File, Folder) |
| source_id | integer | false | none | Crawl location source unique identifier |
| parent_id | integer | false | none | none |
| tags | string(tag) | false | none | none |
| fragments | string | false | none | none |
| excluded | boolean | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| loc_type | file |
| loc_type | folder |
CrawlLocationDetails
{
"loc_id": 0,
"parent_id": 0,
"source_id": 0,
"url": "string",
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"threat": 0
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| loc_id | integer | false | none | Crawl location unique identifier |
| parent_id | integer | false | none | none |
| source_id | integer | false | none | none |
| url | string(url) | false | none | Crawl location URL |
| severity_counts | SeverityCounts | false | none | none |
| threat | integer | false | none | none |
ChildUser
{
"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
"password": "string",
"email": "user@example.com",
"first_name": "string",
"last_name": "string",
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"user_groups": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"enabled": true,
"totp_enabled": true,
"locked": 0,
"invite_id": "7218104b-c64c-4f30-a184-1a1802b5c56b",
"invite_expired": true,
"expiration_date": "2019-08-24T14:15:22Z",
"sso_exemption": true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| user_id | string(uuid) | false | none | none |
| password | string(sha256) | false | none | none |
| string(email) | true | none | none | |
| first_name | string | true | none | none |
| last_name | string | true | none | none |
| role_mappings | [RoleMapping] | false | none | none |
| user_groups | [string] | false | none | none |
| enabled | boolean | false | none | none |
| totp_enabled | boolean | false | read-only | none |
| locked | integer | false | read-only | none |
| invite_id | string(uuid) | false | none | none |
| invite_expired | boolean | false | none | none |
| expiration_date | string(date-time) | false | none | none |
| sso_exemption | boolean | false | none | none |
ChildUserIdList
{
"user_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| user_id_list | [string] | true | none | none |
FileUploadDescriptor
{
"name": "string",
"size": 0
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| name | string(filename) | false | none | File name |
| size | integer(int32) | false | none | File size in bytes |
UploadedFile
{
"upload_id": "f2ef591b-135b-46fa-a604-3d4fda5bfbfb",
"name": "string",
"size": 0,
"status": true,
"current_size": 0,
"retrieve_url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| upload_id | string(uuid) | false | none | Uploaded file unique identifier |
| name | string(filename) | false | none | Uploaded file name |
| size | integer(int32) | false | none | Uploaded file size |
| status | boolean | false | none | Uploaded file status |
| current_size | integer | false | none | Uploaded file current size |
| retrieve_url | string(url | null) | false | none |
ErrorDescriptionResponse
{
"code": 0,
"reason": "string",
"details": [
"string"
]
}
Error processing request
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| code | integer | true | none | none |
| reason | string | true | none | Localized error message |
| details | [string] | false | none | none |
UploadLocationResponse
{
"upload_url": "string"
}
Temporary file upload URL
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| upload_url | string(url) | false | none | none |
UploadedFilesResponse
{
"files": [
{
"upload_id": "f2ef591b-135b-46fa-a604-3d4fda5bfbfb",
"name": "string",
"size": 0,
"status": true,
"current_size": 0,
"retrieve_url": "string"
}
]
}
Uploaded file properties
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| files | [UploadedFile] | false | none | none |
ReportIdList
{
"report_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| report_id_list | [string] | true | none | none |
TargetIdContainer
{
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| target_id | string(uuid) | false | none | none |
GroupChangeTargetIdList
{
"remove": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"add": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| remove | [string] | false | none | Remove Targets from Target Group |
| add | [string] | false | none | Add Targets to Target Group |
TargetIdList
{
"target_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| target_id_list | [string] | false | none | Target unique identifiers |
TargetGroupIdList
{
"group_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| group_id_list | [string] | false | none | Group unique identifiers |
UserAccess
{
"access_all_groups": true,
"group_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| access_all_groups | boolean | true | none | User has access to all Groups |
| group_id_list | [string] | true | none | Groups accessible by a User |
TargetListResponse
{
"targets": [
{
"address": "string",
"description": "",
"type": "default",
"criticality": 30,
"fqdn_status": "string",
"fqdn_tm_hash": "string",
"deleted_at": "string",
"fqdn": "string",
"fqdn_hash": "string",
"default_scanning_profile_id": "string",
"agents": [
{
"agent_id": "2b1e3b65-2c04-4fa2-a2d7-467901e98978",
"name": "string"
}
],
"default_overrides": {
"auth": "string",
"scan": "string"
},
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"scan_authorization": {
"url": "string",
"content": "string"
},
"continuous_mode": true,
"last_scan_date": "2019-08-24",
"last_scan_id": "880bc00e-8f2f-43dc-9a1f-f6ff660d0521",
"last_scan_session_id": "338927ab-dbda-4b74-bf99-beabf49af8cc",
"last_scan_session_status": "string",
"severity_counts": {
"critical": 0,
"high": 0,
"medium": 0,
"low": 0,
"info": 0
},
"threat": 0,
"links": [
{
"rel": "string",
"href": "string"
}
],
"manual_intervention": true,
"verification": "string"
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Targets list
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| targets | [TargetItemResponse] | true | none | none |
| pagination | PaginationExt | false | none | none |
Report
{
"report_id": "5ed7905a-4735-4cf7-b1ab-521e066fb971",
"source": {
"description": "string",
"list_type": "all_vulnerabilities",
"id_list": [
"string"
]
},
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"template_name": "string",
"template_type": 0,
"generation_date": "2019-08-24T14:15:22Z",
"status": "string",
"download": [
"string"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| report_id | string(uuid) | false | none | Report unique identifier |
| source | ReportSource | false | none | none |
| template_id | string(uuid) | false | none | Report template unique identifier |
| template_name | string | false | none | Report template name |
| template_type | integer | false | none | Report template type |
| generation_date | string(date-time) | false | none | Report generation date |
| status | string | false | none | Report status |
| download | [string] | false | none | Report download URI |
Export
{
"report_id": "5ed7905a-4735-4cf7-b1ab-521e066fb971",
"source": {
"list_type": "all_vulnerabilities",
"id_list": [
"string"
],
"waf_id": "dafe8a13-3639-429c-8247-c6f23cadf413",
"waf_name": "string"
},
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"template_name": "string",
"template_type": 0,
"generation_date": "2019-08-24T14:15:22Z",
"status": "string",
"download": [
"string"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| report_id | string(uuid) | false | none | none |
| source | ExportSource | false | none | none |
| template_id | string(uuid) | false | none | none |
| template_name | string | false | none | none |
| template_type | integer | false | none | none |
| generation_date | string(date-time) | false | none | none |
| status | string | false | none | none |
| download | [string] | false | none | none |
ReportTemplateList
{
"templates": [
{
"name": "string",
"group": "string",
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"accepted_sources": [
"ignore_entry"
]
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| templates | [ReportTemplate] | false | none | none |
ReportListResponse
{
"reports": [
{
"report_id": "5ed7905a-4735-4cf7-b1ab-521e066fb971",
"source": {
"description": "string",
"list_type": "all_vulnerabilities",
"id_list": [
"string"
]
},
"template_id": "c6d67e98-83ea-49f0-8812-e4abae2b68bc",
"template_name": "string",
"template_type": 0,
"generation_date": "2019-08-24T14:15:22Z",
"status": "string",
"download": [
"string"
]
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
List of Reports
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| reports | [Report] | true | none | none |
| pagination | PaginationExt | true | none | none |
ScanningProfilesResponse
{
"scanning_profiles": [
{
"name": "string",
"profile_id": "bfcb6779-b1f9-41fc-92d7-88f8bc1d12e8",
"sort_order": 1000,
"custom": true,
"checks": [
"string"
]
}
]
}
List of available Scanning Profiles
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| scanning_profiles | [ScanningProfile] | false | none | none |
CrawlLocationListResponse
{
"locations": [
{
"loc_id": 0,
"name": "string",
"path": "string",
"loc_type": "file",
"source_id": 0,
"parent_id": 0,
"tags": "string",
"fragments": "string",
"excluded": true
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
List of queried crawl locations
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| locations | [CrawlLocation] | true | none | none |
| pagination | PaginationExt | false | none | none |
ChildUserListResponse
{
"users": [
{
"user_id": "a169451c-8525-4352-b8ca-070dd449a1a5",
"password": "string",
"email": "user@example.com",
"first_name": "string",
"last_name": "string",
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"user_groups": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"enabled": true,
"totp_enabled": true,
"locked": 0,
"invite_id": "7218104b-c64c-4f30-a184-1a1802b5c56b",
"invite_expired": true,
"expiration_date": "2019-08-24T14:15:22Z",
"sso_exemption": true
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Paginated list of users
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| users | [ChildUser] | true | none | none |
| pagination | PaginationExt | false | none | none |
SSHCredentials
{
"kind": "none",
"username": "string",
"port": 22,
"password": "string",
"ssh_key": "string",
"key_password": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| kind | string | false | none | SSH authentication method |
| username | string | false | none | SSH host username |
| port | integer(int32) | false | none | SSH host port |
| password | string | false | none | SSH host password |
| ssh_key | string | false | none | SSH key |
| key_password | string | false | none | SSH key passphrase |
Enumerated Values
| Property | Value |
|---|---|
| kind | none |
| kind | key |
| kind | password |
ScanResultListResponse
{
"results": [
{
"scan_id": "9a59f0f5-5572-476d-a7fc-c960ef43a5af",
"result_id": "cd1ea384-5045-47f3-9678-d1fc6f8c8581",
"start_date": "2019-08-24T14:15:22Z",
"end_date": "2019-08-24T14:15:22Z",
"status": "string"
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| results | [ScanResultItem] | false | none | [Scan result properties] |
| pagination | PaginationExt | false | none | none |
ScanResultItem
{
"scan_id": "9a59f0f5-5572-476d-a7fc-c960ef43a5af",
"result_id": "cd1ea384-5045-47f3-9678-d1fc6f8c8581",
"start_date": "2019-08-24T14:15:22Z",
"end_date": "2019-08-24T14:15:22Z",
"status": "string"
}
Scan result properties
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| scan_id | string(uuid) | false | none | Scan unique identifier |
| result_id | string(uuid) | false | none | Result unique identifier |
| start_date | string(date-time) | false | none | Scan start-date |
| end_date | string(date-time) | false | none | Scan end-date |
| status | string | false | none | Scan status |
AllowedHost
{
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"address": "string",
"description": ""
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| target_id | string(uuid) | false | none | Target unique identifier |
| address | string(host | url) | true | none |
| description | string | false | none | Target description |
AllowedHosts
{
"hosts": [
{
"target_id": "d3bcdc92-4191-401b-ad0c-42056c6efab9",
"address": "string",
"description": ""
}
]
}
List of Allowed Hosts
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| hosts | [AllowedHost] | false | none | none |
ProxySettings
{
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
System proxy settings
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| protocol | string | false | none | Proxy protocol |
| address | string(host) | false | none | Proxy address |
| port | integer | false | none | Proxy port |
| username | string | false | none | Proxy username |
| password | string | false | none | Proxy password |
| enabled | boolean | false | none | Proxy enabled |
Enumerated Values
| Property | Value |
|---|---|
| protocol | http |
OtpSettings
{
"otp_type": "totp",
"secret_key": "string",
"digit": 6,
"period": 30,
"algorithm": "sha1"
}
Otp settings
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| otp_type | string | false | none | OTP Type |
| secret_key | string | false | none | Secret Key |
| digit | integer | false | none | Digit |
| period | integer | false | none | Period |
| algorithm | string | false | none | Algorithm |
Enumerated Values
| Property | Value |
|---|---|
| otp_type | totp |
| otp_type | hotp |
| algorithm | sha1 |
| algorithm | sha256 |
| algorithm | sha512 |
ContinuousScanMode
{
"enabled": true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| enabled | boolean | true | none | none |
SensorSecretContainer
{
"secret": "string"
}
AcuSensor secret reset (random secret generated if none set)
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| secret | string(md5) | false | none | none |
SSOSettings
{
"enabled": false,
"sso_type": "saml",
"sso_provider": "Okta",
"auto_provision_enabled": false,
"is_encrypt_assertion": false,
"x509_certificate": "string",
"is_alternate_login_email": false,
"is_enforced": false,
"saml2_endpoint": "string",
"idp_identifier": "string",
"saml2_service_url": "string",
"identifier": "string",
"private_key": "string",
"private_key_password": "string",
"private_key_file_name": "string",
"private_key_detail": "string",
"assertion_certificate": "string",
"assertion_certificate_detail": "string",
"assertion_signed": false,
"auth_signed": false
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| enabled | boolean | true | none | none |
| sso_type | string | false | none | none |
| sso_provider | string | false | none | none |
| auto_provision_enabled | boolean | false | none | none |
| is_encrypt_assertion | boolean | false | none | none |
| x509_certificate | string | false | none | none |
| is_alternate_login_email | boolean | false | none | none |
| is_enforced | boolean | false | none | none |
| saml2_endpoint | string(host) | false | none | none |
| idp_identifier | string(host) | false | none | none |
| saml2_service_url | string(host) | false | none | none |
| identifier | string(host) | false | none | none |
| private_key | string | false | none | none |
| private_key_password | string | false | none | none |
| private_key_file_name | string | false | none | none |
| private_key_detail | string | false | none | none |
| assertion_certificate | string | false | none | none |
| assertion_certificate_detail | string | false | none | none |
| assertion_signed | boolean | false | none | none |
| auth_signed | boolean | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| sso_type | saml |
| sso_type | oidc |
| sso_provider | Okta |
| sso_provider | |
| sso_provider | AzureAD |
| sso_provider | ADFS |
ManualInterventionItem
{
"target_id": "string",
"scan_id": "string",
"scan_session_id": "string",
"scanning_app": "string",
"data": "string",
"index": 0,
"old": 0,
"target_desc": [
"string"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| target_id | string | false | none | none |
| scan_id | string | false | none | none |
| scan_session_id | string | false | none | none |
| scanning_app | string | false | none | none |
| data | string | false | none | none |
| index | integer | false | none | none |
| old | number | false | none | none |
| target_desc | [string] | false | none | Target info (address, description) |
AgentRegistrationToken
{
"token": "b5507016-7da2-4777-a161-1e8042a6a377",
"description": "string",
"created": "2019-08-24T14:15:22Z"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| token | string(uuid) | false | none | Registration token |
| description | string | false | none | Registration token description |
| created | string(date-time) | false | none | Registration token creation timestamp |
NewAgentRegistrationToken
{
"description": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| description | string | false | none | Registration token description |
ExcludedHoursProfile
{
"name": "string",
"excluded_hours_id": "dc657425-7a6b-4b12-aa82-c43507e719f5",
"time_offset": 0,
"exclusion_matrix": [
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| name | string | true | none | none |
| excluded_hours_id | string(uuid) | false | none | none |
| time_offset | integer | false | none | Time offset in minutes |
| exclusion_matrix | [boolean] | true | none | Exclusion matrix 7d * 24h, true = exclude, false = ignore |
ExcludedHoursProfilesList
{
"values": [
{
"name": "string",
"excluded_hours_id": "dc657425-7a6b-4b12-aa82-c43507e719f5",
"time_offset": 0,
"exclusion_matrix": [
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true,
true
]
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| values | [ExcludedHoursProfile] | false | none | none |
VulnerabilityRecheck
{
"ui_session_id": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| ui_session_id | string(md5) | false | none | For internal use only |
VulnerabilitiesRecheck
{
"vuln_id_list": [
"string"
],
"ui_session_id": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| vuln_id_list | [string] | false | none | none |
| ui_session_id | string(md5) | false | none | For internal use only |
TargetConfigStatus_sensor
{
"version": "string",
"found": true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| version | string | false | none | none |
| found | boolean | false | none | none |
TargetConfigStatus_authentication_missing
{
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| url | string | false | none | none |
TargetConfigStatus_certificate_missing
{
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| url | string | false | none | none |
TargetConfigStatus_login_missing
{
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| url | string | false | none | none |
TargetConfigStatus_authentication_error
{
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| url | string | false | none | none |
TargetConfigStatus_login_sequence
{
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| url | string | false | none | none |
TargetConfigStatus_auto_login
{
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| url | string | false | none | none |
TargetConfigStatus_scope_changed
{
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| url | string | false | none | none |
TargetConfigStatus_importer_failed
{
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| url | string | false | none | none |
TargetConfigStatus_non_responsive
{
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| url | string | false | none | none |
TargetConfigStatus_sensor_detected
{
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| url | string | false | none | none |
TargetConfigStatus_importer_out_of_scope
{
"url": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| url | string | false | none | none |
TaskIdObject
{
"task_id": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| task_id | string | false | none | none |
WorkerList
{
"workers": [
{
"scanning_app": "wvs",
"endpoint": "string",
"description": "string",
"worker_id": "ae5fa6f7-c55b-40c1-b40a-b36ac467652b",
"status": "offline",
"authorization": "pending",
"app_version": "string",
"license_status": "string",
"targets": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"notification_status": true
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| workers | [Worker] | false | none | none |
WorkerIdList
{
"worker_id_list": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| worker_id_list | [string] | false | none | none |
WorkerExtended
{
"scanning_app": "wvs",
"endpoint": "string",
"description": "string",
"worker_id": "ae5fa6f7-c55b-40c1-b40a-b36ac467652b",
"status": "offline",
"authorization": "pending",
"app_version": "string",
"license_status": "string",
"targets": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"notification_status": true,
"max_scans": 0,
"current_scans": 0,
"status_extra": {}
}
Properties
allOf
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | Worker | false | none | none |
and
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | none |
| » max_scans | integer | false | none | none |
| » current_scans | integer | false | none | none |
| » status_extra | object | false | none | none |
WorkerDescription
{
"description": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| description | string | false | none | none |
Worker
{
"scanning_app": "wvs",
"endpoint": "string",
"description": "string",
"worker_id": "ae5fa6f7-c55b-40c1-b40a-b36ac467652b",
"status": "offline",
"authorization": "pending",
"app_version": "string",
"license_status": "string",
"targets": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"notification_status": true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| scanning_app | string | true | none | none |
| endpoint | string(url) | true | none | none |
| description | string | false | none | none |
| worker_id | string(uuid) | false | none | none |
| status | string | false | none | none |
| authorization | string | false | none | none |
| app_version | string | false | none | none |
| license_status | string | false | none | none |
| targets | [string] | false | read-only | none |
| notification_status | boolean | false | none | none |
Enumerated Values
| Property | Value |
|---|---|
| scanning_app | wvs |
| scanning_app | ovas |
| status | offline |
| status | online |
| authorization | pending |
| authorization | authorized |
| authorization | rejected |
| authorization | detached |
TargetDeletionNotification
{
"target_deletion_allowance": 0,
"target_deletion_consumed": true
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| target_deletion_allowance | integer | false | none | none |
| target_deletion_consumed | boolean | false | none | none |
FQDNEntry
{
"fqdn": "string",
"fqdn_hash": "string",
"tm_type": "string",
"last_scanned": "string",
"deleted": "string",
"local_target_count": 0,
"local": true,
"status": "string",
"added": "string",
"updated": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| fqdn | string | false | none | none |
| fqdn_hash | string | false | none | none |
| tm_type | string | false | none | none |
| last_scanned | string | false | none | none |
| deleted | string | false | none | none |
| local_target_count | integer | false | none | none |
| local | boolean | false | none | none |
| status | string | false | none | none |
| added | string | false | none | none |
| updated | string | false | none | none |
FQDNList
{
"fqdns": [
{
"fqdn": "string",
"fqdn_hash": "string",
"tm_type": "string",
"last_scanned": "string",
"deleted": "string",
"local_target_count": 0,
"local": true,
"status": "string",
"added": "string",
"updated": "string"
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| fqdns | [FQDNEntry] | false | none | none |
| pagination | PaginationExt | false | none | none |
EmptyObject
{}
Properties
None
RenderableMessage
{
"template": "string",
"data": "string",
"template_id": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| template | string | false | none | none |
| data | string | false | none | none |
| template_id | string(md5 | empty | null) | false |
WAFsList
{
"wafs": [
{
"platform": "AWS",
"acl_name": "string",
"access_key_id": "string",
"secret_key": "string",
"scope": "CLOUDFRONT",
"region": "us-east-1",
"acl_id": "string",
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"waf_id": "dafe8a13-3639-429c-8247-c6f23cadf413",
"name": "string"
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| wafs | [WAFEntry] | false | none | none |
WAFConnectionStatus
{
"success": true,
"message": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| success | boolean | false | none | WAF status |
| message | string | false | none | WAF message |
WAFEntry
{
"platform": "AWS",
"acl_name": "string",
"access_key_id": "string",
"secret_key": "string",
"scope": "CLOUDFRONT",
"region": "us-east-1",
"acl_id": "string",
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
},
"waf_id": "dafe8a13-3639-429c-8247-c6f23cadf413",
"name": "string"
}
Properties
allOf
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | WAFConfig | false | none | none |
and
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| anonymous | object | false | none | none |
| » waf_id | string(uuid) | false | none | none |
| » name | string | false | none | none |
WAFConfig
{
"platform": "AWS",
"acl_name": "string",
"access_key_id": "string",
"secret_key": "string",
"scope": "CLOUDFRONT",
"region": "us-east-1",
"acl_id": "string",
"proxy": {
"proxy_type": "system",
"settings": {
"protocol": "http",
"address": "string",
"port": 0,
"username": "string",
"password": "string",
"enabled": false
}
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| platform | string | false | none | WAF platform type |
| acl_name | string | true | none | Web ACL name obtained from aws web portal |
| access_key_id | string | true | none | AWS Access Key Id |
| secret_key | string | true | none | AWS secret access key |
| scope | string | true | none | Scope of the web ACL |
| region | string | false | none | Region of the web ACL (If cloudfront default to us-east-1) |
| acl_id | string | true | none | Web ACL id obtained from aws web portal |
| proxy | object | false | none | none |
| » proxy_type | string | false | none | none |
| » settings | ProxySettings | false | none | System proxy settings |
Enumerated Values
| Property | Value |
|---|---|
| platform | AWS |
| scope | CLOUDFRONT |
| scope | REGIONAL |
| region | us-east-1 |
| region | us-east-2 |
| region | us-west-1 |
| region | us-west-2 |
| region | ca-central-1 |
| region | eu-north-1 |
| region | eu-west-3 |
| region | eu-west-2 |
| region | eu-west-1 |
| region | eu-central-1 |
| region | ap-south-1 |
| region | ap-southeast-1 |
| region | ap-northeast-2 |
| region | ap-southeast-2 |
| region | ap-northeast-1 |
| region | sa-east-1 |
| proxy_type | system |
| proxy_type | no_proxy |
| proxy_type | custom |
RolesList
{
"roles": [
{
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"name": "string",
"description": "string",
"created_at": "2019-08-24",
"owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
"creator_id": "9cceffdd-8381-4074-8256-eafae24ebee6",
"permissions": [
"string"
],
"stats": {
"user_count": 0,
"group_count": 0,
"all_user_count": 0
}
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Paginated list of roles
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| roles | [RoleDetails] | true | none | none |
| pagination | PaginationExt | false | none | none |
PermissionDetailEntry
{
"category": "string",
"name": "string",
"description": "string"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| category | string | false | none | none |
| name | string | false | none | none |
| description | string | false | none | none |
RoleStats
{
"user_count": 0,
"group_count": 0,
"all_user_count": 0
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| user_count | integer | false | none | none |
| group_count | integer | false | none | none |
| all_user_count | integer | false | none | none |
RoleDetails
{
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"name": "string",
"description": "string",
"created_at": "2019-08-24",
"owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
"creator_id": "9cceffdd-8381-4074-8256-eafae24ebee6",
"permissions": [
"string"
],
"stats": {
"user_count": 0,
"group_count": 0,
"all_user_count": 0
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| role_id | string(uuid) | false | none | none |
| name | string | false | none | none |
| description | string | false | none | none |
| created_at | string(date) | false | none | none |
| owner_id | string(uuid) | false | none | none |
| creator_id | string(uuid) | false | none | none |
| permissions | [string] | false | none | none |
| stats | RoleStats | false | none | none |
Role
{
"name": "string",
"description": "string",
"permissions": [
"string"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| name | string | true | none | none |
| description | string | true | none | none |
| permissions | [string] | true | none | none |
RoleMapping
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| role_mapping_id | string(uuid) | false | none | Role Mapping Id |
| role_id | string(uuid) | true | none | Role assigned to a User |
| access_all_targets | boolean | false | none | User has access to all Targets |
| target_group_ids | [string] | false | none | Target Groups available to a User |
RoleMappingList
{
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| role_mappings | [RoleMapping] | true | none | none |
RoleMappingIdList
{
"role_mapping_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| role_mapping_ids | [string] | true | none | none |
UserGroupRoleMappings
{
"user_group_id": "2f59988f-5729-4fad-ab6a-4676b83a0180",
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| user_group_id | string(uuid) | true | none | none |
| role_mappings | [RoleMapping] | false | none | none |
PermissionsList
{
"permissions": [
{
"category": "string",
"name": "string",
"description": "string"
}
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| permissions | [PermissionDetailEntry] | false | none | none |
UserGroupsList
{
"user_groups": [
{
"user_group_id": "2f59988f-5729-4fad-ab6a-4676b83a0180",
"name": "string",
"description": "string",
"created": "2019-08-24",
"owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
"creator_id": "9cceffdd-8381-4074-8256-eafae24ebee6",
"user_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"stats": {
"user_count": 0
}
}
],
"pagination": {
"count": 0,
"cursors": [
"string"
],
"cursor_hash": "string",
"sort": "string"
}
}
Paginated list of User Groups
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| user_groups | [UserGroupDetails] | true | none | none |
| pagination | PaginationExt | false | none | none |
UserGroupDetails
{
"user_group_id": "2f59988f-5729-4fad-ab6a-4676b83a0180",
"name": "string",
"description": "string",
"created": "2019-08-24",
"owner_id": "8826ee2e-7933-4665-aef2-2393f84a0d05",
"creator_id": "9cceffdd-8381-4074-8256-eafae24ebee6",
"user_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"stats": {
"user_count": 0
}
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| user_group_id | string(uuid) | false | none | none |
| name | string | false | none | none |
| description | string | false | none | none |
| created | string(date) | false | none | none |
| owner_id | string(uuid) | false | none | none |
| creator_id | string(uuid) | false | none | none |
| user_ids | [string] | false | none | none |
| role_mappings | [RoleMapping] | false | none | none |
| stats | UserGroupStats | false | none | none |
UserGroupStats
{
"user_count": 0
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| user_count | integer | false | none | none |
UserGroup
{
"name": "string",
"description": "string",
"role_mappings": [
{
"role_mapping_id": "f61157f6-50e6-4275-ac23-602ac291642c",
"role_id": "ac4e70c8-d5be-48af-93eb-760f58fc91a9",
"access_all_targets": false,
"target_group_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
],
"user_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| name | string | true | none | none |
| description | string | true | none | none |
| role_mappings | [RoleMapping] | false | none | none |
| user_ids | [string] | false | none | none |
UserToUserGroupDetails
{
"user_ids": [
"497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"user_group_id": "2f59988f-5729-4fad-ab6a-4676b83a0180"
}
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| user_ids | [string] | false | none | none |
| user_group_id | string(uuid) | false | none | none |
IntegrationsVulnerabilityIdList
{
"vuln_ids": [
"string"
]
}
A list of vulnerability Ids.
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| vuln_ids | [string] | true | none | An array of vulnerability Ids. |
CreateIssuesViaIntegrationsReportLine
{
"vuln_id": "string",
"target_id": "string",
"integration_id": "string",
"error_msg": "string"
}
Information about a scheduled issue to be created, with an optional error message.
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| vuln_id | string | true | none | Vulnerability Unique Identifier |
| target_id | string(uuid | null) | true | none |
| integration_id | string(uuid | null) | true | none |
| error_msg | string(any | null) | true | none |
CreateIssuesViaIntegrationsResponse
{
"result": [
{
"vuln_id": "string",
"target_id": "string",
"integration_id": "string",
"error_msg": "string"
}
]
}
A list of vulnerabilities, their target and the unique identifier of the integration used to schedule the creation of an issue.
Properties
| Name | Type | Required | Restrictions | Description |
|---|---|---|---|---|
| result | [CreateIssuesViaIntegrationsReportLine] | true | none | An array of report lines. |