Verification Sessions

Get All Verification Sessions

This endpoint returns a list of Verification Session resources.

GET /api/v2/projects/{project_id}/analysis-sessions/

GET /api/v2/projects/1/analysis-sessions/ HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"

HTTP/1.1 200 OK
Content-Type: application/json

{
    "results": [{
        "id": 682,
        "analysis_ref": "zero.webappsecurity.com",
        "analysis_type": "webinspect",
        "extra": {},
        "created": "2014-12-15T20:10:51.900775Z",
        "updated": "2014-12-15T20:10:51.900775Z",
        "updater": 1
    }]
}

Get a Specific Verification Session

This endpoint returns a specific Verification Session resource.

GET /api/v2/projects/{project_id}/analysis-sessions/{analysis_session_id}/

GET /api/v2/projects/1/analysis-sessions/1/ HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"

HTTP/1.1 200 OK
Content-Type: application/json

{
    "id": 682,
    "analysis_ref": "zero.webappsecurity.com",
    "analysis_type": "webinspect",
    "extra": {},
    "created": "2014-12-15T20:10:51.900775Z",
    "updated": "2014-12-15T20:10:51.900775Z",
    "updater": 1
}

Create a Verification Session

This endpoint creates an Verification Session resource.

POST /api/v2/projects/{project_id}/analysis-sessions/

Fields Required Description
analysis_ref Yes Arbitrary string used as a session identifier
analysis_type Yes Enum that identifies the type of analysis tool.
Can be one of the following:
  • appscan
  • appscan_enterprise
  • fortify
  • veracode
  • webinspect
  • whitehat
notes No An array of Verification Note resources.
See Create a Verification Note for what fields are supported/required.
The "task" attribute field is required, but "analysis_session" is not required.

Get a list of available analysis_types

POST /api/v2/projects/1/analysis-sessions/ HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"

{
    "analysis_ref": "zero.webappsecurity.com",
    "analysis_type": "webinspect"
}

HTTP/1.1 201 CREATED
Content-Type: application/json

{
    "id": 1,
    "analysis_ref": "zero.webappsecurity.com",
    "analysis_type": "webinspect",
    "extra": {},
    "created": "2014-12-15T20:10:51.900775Z",
    "updated": "2014-12-15T20:10:51.900775Z",
    "updater": 1
}

Create a Verification Session with embedded Notes

POST /api/v2/projects/1/analysis-sessions/ HTTP/1.1
Accept: application/json
Authorization: Token "YOUR SDE ACCESS TOKEN"

{
    "analysis_ref": "zero.webappsecurity.com",
    "analysis_type": "webinspect",
    "notes": [
      {
          "task": "1-T6",
          "behaviour": "replace",
          "confidence": "high",
          "findings": {},
          "finding_ref": "my_ref",
          "status": "pass"
      }
    ]
}

HTTP/1.1 201 CREATED
Content-Type: application/json

{
    "id": 682,
    "analysis_ref": "zero.webappsecurity.com",
    "analysis_type": "webinspect",
    "extra": {},
    "created": "2014-12-15T20:10:51.900775Z",
    "updated": "2014-12-15T20:10:51.900775Z",
    "updater": 1
}

results matching ""

    No results matching ""