API reference

You will need the following inputs for each of the API endpoints:

YOUR_API_KEY : Go to My account > Settings > Integrations and fetch API key under Akto API. You should pass it with the header X-API-KEY.
URL : This is the url of your Akto dashboard.

POST request for endpoint /api/fetchTestRunResultDetails

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

testingRunResultHexIdstringOptionalExample: 6464783658e3a17b14ddfa67

Responses

200

description

application/json

post

/api/fetchTestRunResultDetails

POST /api/fetchTestRunResultDetails HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 52

{
  "testingRunResultHexId": "6464783658e3a17b14ddfa67"
}

200

description

{
  "metadata": "null",
  "testingRunResults": "null",
  "testingRunResultSummaries": "null",
  "runIssues": "null",
  "selectedTests": "null",
  "maxConcurrentRequests": 0,
  "testingRuns": "null",
  "recurringDaily": false,
  "workflowTest": "null",
  "testingRunResult": {
    "testResults": [
      {
        "testInfo": "null",
        "vulnerable": true,
        "percentageMatch": 100,
        "confidence": {
          "_name": "HIGH"
        },
        "message": "{\"request\": {\"url\": \"https://juiceshop.akto.io/\", \"method\": \"DELETE\", \"type\": \"HTTP/1.1\", \"queryParams\": null, \"body\": \"\", \"headers\": \"{\\\"sec-fetch-mode\\\":\\\"navigate\\\",\\\"sec-fetch-site\\\":\\\"none\\\",\\\"cookie\\\":\\\"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq\\\",\\\"accept-language\\\":\\\"en-GB,en-US;q=0.9,en;q=0.8\\\",\\\"sec-fetch-user\\\":\\\"?1\\\",\\\"x-akto-ignore\\\":\\\"0\\\",\\\"accept\\\":\\\"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\\\",\\\"sec-ch-ua\\\":\\\"\\\\\\\"Not A(Brand\\\\\\\";v=\\\\\\\"24\\\\\\\", \\\\\\\"Chromium\\\\\\\";v=\\\\\\\"110\\\\\\\"\\\",\\\"sec-ch-ua-mobile\\\":\\\"?0\\\",\\\"sec-ch-ua-platform\\\":\\\"\\\\\\\"macOS\\\\\\\"\\\",\\\"host\\\":\\\"juiceshop.akto.io\\\",\\\"upgrade-insecure-requests\\\":\\\"1\\\",\\\"connection\\\":\\\"close\\\",\\\"accept-encoding\\\":\\\"gzip, deflate\\\",\\\"user-agent\\\":\\\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36\\\",\\\"sec-fetch-dest\\\":\\\"document\\\"}\"}, \"response\": {\"statusCode\": 200, \"body\": \"<!--\\n  ~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.\\n  ~ SPDX-License-Identifier: MIT\\n  --><!DOCTYPE html><html lang=\\\"en\\\"><head>\\n  <meta charset=\\\"utf-8\\\">\\n  <title>OWASP Juice Shop</title>\\n  <meta name=\\\"description\\\" content=\\\"Probably the most modern and sophisticated insecure web application\\\">\\n  <meta name=\\\"viewport\\\" content=\\\"width=device-width, initial-scale=1\\\">\\n  <link id=\\\"favicon\\\" rel=\\\"icon\\\" type=\\\"image/x-icon\\\" href=\\\"assets/public/favicon_js.ico\\\">\\n  <link rel=\\\"stylesheet\\\" type=\\\"text/css\\\" href=\\\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css\\\">\\n  <script src=\\\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\\\"></script>\\n  <script src=\\\"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js\\\"></script>\\n  <script>\\n    window.addEventListener(\\\"load\\\", function(){\\n      window.cookieconsent.initialise({\\n        \\\"palette\\\": {\\n          \\\"popup\\\": { \\\"background\\\": \\\"#546e7a\\\", \\\"text\\\": \\\"#ffffff\\\" },\\n          \\\"button\\\": { \\\"background\\\": \\\"#558b2f\\\", \\\"text\\\": \\\"#ffffff\\\" }\\n        },\\n        \\\"theme\\\": \\\"classic\\\",\\n        \\\"position\\\": \\\"bottom-right\\\",\\n        \\\"content\\\": { \\\"message\\\": \\\"This website uses fruit cookies to ensure you get the juiciest tracking experience.\\\", \\\"dismiss\\\": \\\"Me want it!\\\", \\\"link\\\": \\\"But me wait!\\\", \\\"href\\\": \\\"https://www.youtube.com/watch?v=9PnbKL3wuH4\\\" }\\n      })});\\n  </script>\\n<style>.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@charset \\\"UTF-8\\\";@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel=\\\"stylesheet\\\" href=\\\"styles.css\\\" media=\\\"print\\\" onload=\\\"this.media='all'\\\"><noscript><link rel=\\\"stylesheet\\\" href=\\\"styles.css\\\"></noscript></head>\\n<body class=\\\"mat-app-background bluegrey-lightgreen-theme\\\">\\n  <app-root></app-root>\\n<script src=\\\"runtime.js\\\" type=\\\"module\\\"></script><script src=\\\"polyfills.js\\\" type=\\\"module\\\"></script><script src=\\\"vendor.js\\\" type=\\\"module\\\"></script><script src=\\\"main.js\\\" type=\\\"module\\\"></script>\\n\\n</body></html>\", \"headers\": \"{\\\"date\\\":\\\"Wed, 17 May 2023 06:46:14 GMT\\\",\\\"access-control-allow-origin\\\":\\\"*\\\",\\\"last-modified\\\":\\\"Tue, 16 May 2023 08:42:03 GMT\\\",\\\"x-content-type-options\\\":\\\"nosniff\\\",\\\"x-recruiting\\\":\\\"/#/jobs\\\",\\\"vary\\\":\\\"Accept-Encoding\\\",\\\"x-frame-options\\\":\\\"SAMEORIGIN\\\",\\\"content-type\\\":\\\"text/html; charset=UTF-8\\\",\\\"etag\\\":\\\"W/\\\\\\\"7c3-18823b94087\\\\\\\"\\\",\\\"accept-ranges\\\":\\\"bytes\\\",\\\"cache-control\\\":\\\"public, max-age=0\\\",\\\"feature-policy\\\":\\\"payment 'self'\\\"}\"}}",
        "originalMessage": "{\"method\":\"GET\",\"requestPayload\":\"\",\"responsePayload\":\"<!--\\n  ~ Copyright (c) 2014-2023 Bjoern Kimminich & the OWASP Juice Shop contributors.\\n  ~ SPDX-License-Identifier: MIT\\n  --><!DOCTYPE html><html lang=\\\"en\\\"><head>\\n  <meta charset=\\\"utf-8\\\">\\n  <title>OWASP Juice Shop</title>\\n  <meta name=\\\"description\\\" content=\\\"Probably the most modern and sophisticated insecure web application\\\">\\n  <meta name=\\\"viewport\\\" content=\\\"width=device-width, initial-scale=1\\\">\\n  <link id=\\\"favicon\\\" rel=\\\"icon\\\" type=\\\"image/x-icon\\\" href=\\\"assets/public/favicon_js.ico\\\">\\n  <link rel=\\\"stylesheet\\\" type=\\\"text/css\\\" href=\\\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css\\\">\\n  <script src=\\\"//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js\\\"></script>\\n  <script src=\\\"//cdnjs.cloudflare.com/ajax/libs/jquery/2.2.4/jquery.min.js\\\"></script>\\n  <script>\\n    window.addEventListener(\\\"load\\\", function(){\\n      window.cookieconsent.initialise({\\n        \\\"palette\\\": {\\n          \\\"popup\\\": { \\\"background\\\": \\\"#546e7a\\\", \\\"text\\\": \\\"#ffffff\\\" },\\n          \\\"button\\\": { \\\"background\\\": \\\"#558b2f\\\", \\\"text\\\": \\\"#ffffff\\\" }\\n        },\\n        \\\"theme\\\": \\\"classic\\\",\\n        \\\"position\\\": \\\"bottom-right\\\",\\n        \\\"content\\\": { \\\"message\\\": \\\"This website uses fruit cookies to ensure you get the juiciest tracking experience.\\\", \\\"dismiss\\\": \\\"Me want it!\\\", \\\"link\\\": \\\"But me wait!\\\", \\\"href\\\": \\\"https://www.youtube.com/watch?v=9PnbKL3wuH4\\\" }\\n      })});\\n  </script>\\n<style>.bluegrey-lightgreen-theme.mat-app-background{background-color:#303030;color:#fff}@charset \\\"UTF-8\\\";@media screen and (-webkit-min-device-pixel-ratio:0){}</style><link rel=\\\"stylesheet\\\" href=\\\"styles.css\\\" media=\\\"print\\\" onload=\\\"this.media='all'\\\"><noscript><link rel=\\\"stylesheet\\\" href=\\\"styles.css\\\"></noscript></head>\\n<body class=\\\"mat-app-background bluegrey-lightgreen-theme\\\">\\n  <app-root></app-root>\\n<script src=\\\"runtime.js\\\" type=\\\"module\\\"></script><script src=\\\"polyfills.js\\\" type=\\\"module\\\"></script><script src=\\\"vendor.js\\\" type=\\\"module\\\"></script><script src=\\\"main.js\\\" type=\\\"module\\\"></script>\\n\\n</body></html>\",\"ip\":\"null\",\"source\":\"HAR\",\"type\":\"HTTP/1.1\",\"akto_vxlan_id\":\"1679459648\",\"path\":\"https://juiceshop.akto.io/\",\"requestHeaders\":\"{\\\"Cookie\\\":\\\"language=en; welcomebanner_status=dismiss; cookieconsent_status=dismiss; continueCode=v7BmaPZbQ7NroLqvm1YzMVnwOBAVkTefndgpE5jkJlXey43R68K2D9xWNQgq\\\",\\\"Accept\\\":\\\"text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7\\\",\\\"User-Agent\\\":\\\"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.178 Safari/537.36\\\",\\\"Connection\\\":\\\"close\\\",\\\"Sec-Fetch-Site\\\":\\\"none\\\",\\\"Sec-Fetch-Dest\\\":\\\"document\\\",\\\"Host\\\":\\\"juiceshop.akto.io\\\",\\\"Accept-Encoding\\\":\\\"gzip, deflate\\\",\\\"Sec-Fetch-Mode\\\":\\\"navigate\\\",\\\"sec-ch-ua\\\":\\\"\\\\\\\"Not A(Brand\\\\\\\";v=\\\\\\\"24\\\\\\\", \\\\\\\"Chromium\\\\\\\";v=\\\\\\\"110\\\\\\\"\\\",\\\"sec-ch-ua-mobile\\\":\\\"?0\\\",\\\"Upgrade-Insecure-Requests\\\":\\\"1\\\",\\\"sec-ch-ua-platform\\\":\\\"\\\\\\\"macOS\\\\\\\"\\\",\\\"Sec-Fetch-User\\\":\\\"?1\\\",\\\"Accept-Language\\\":\\\"en-GB,en-US;q=0.9,en;q=0.8\\\"}\",\"responseHeaders\":\"{\\\"Access-Control-Allow-Origin\\\":\\\"*\\\",\\\"X-Content-Type-Options\\\":\\\"nosniff\\\",\\\"Connection\\\":\\\"close\\\",\\\"Last-Modified\\\":\\\"Thu, 09 Mar 2023 14:46:29 GMT\\\",\\\"Date\\\":\\\"Thu, 09 Mar 2023 14:48:39 GMT\\\",\\\"X-Frame-Options\\\":\\\"SAMEORIGIN\\\",\\\"Accept-Ranges\\\":\\\"bytes\\\",\\\"X-Recruiting\\\":\\\"/#/jobs\\\",\\\"Cache-Control\\\":\\\"public, max-age=0\\\",\\\"ETag\\\":\\\"W/\\\\\\\"7c3-186c6d67748\\\\\\\"\\\",\\\"Feature-Policy\\\":\\\"payment 'self'\\\",\\\"Vary\\\":\\\"Accept-Encoding\\\",\\\"Content-Length\\\":\\\"1987\\\",\\\"Content-Type\\\":\\\"text/html; charset=UTF-8\\\"}\",\"time\":\"1678373319\",\"contentType\":\"text/html; charset=UTF-8\",\"akto_account_id\":\"1000000\",\"statusCode\":\"200\",\"status\":\"OK\"}"
      }
    ],
    "testSubType": "CHANGE_METHOD_TO_DELETE",
    "vulnerable": true,
    "testRunResultSummaryId": {
      "date": "2023-05-17T12:16:08",
      "timestamp": 1684305968
    },
    "testRunId": {
      "date": "2023-05-17T12:14:33",
      "timestamp": 1684305873
    },
    "testSuperType": "BFLA",
    "id": {
      "date": "2023-05-17T12:16:14",
      "timestamp": 1684305974
    },
    "apiInfoKey": {
      "method": {
        "_name": "GET"
      },
      "apiCollectionId": 1679459648,
      "url": "https://juiceshop.akto.io/"
    },
    "confidencePercentage": 100,
    "endTimestamp": 1684305974,
    "startTimestamp": 1684305973,
    "hexId": "6464783658e3a17b14ddfa67"
  },
  "authMechanism": "null",
  "fetchCicd": false,
  "testingRun": "null",
  "testRunTime": 0,
  "testingRunHexId": "null",
  "endTimestamp": 0,
  "startTimestamp": 0,
  "testName": "null"
}

POST request for endpoint /api/fetchDataTypes

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

Responseobject

AKTO_ERROR while building schema

post

/api/fetchDataTypes

POST /api/fetchDataTypes HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{}

POST request for endpoint /api/fetchAffectedEndpoints

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

Responses

200

description

application/json

post

/api/fetchAffectedEndpoints

POST /api/fetchAffectedEndpoints HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 253

{
  "issueId": {
    "testSubCategory": "CHANGE_METHOD_TO_DELETE",
    "testErrorSource": "AUTOMATED_TESTING",
    "testCategoryFromSourceConfig": "null",
    "apiInfoKey": {
      "method": "GET",
      "apiCollectionId": 1679459648,
      "url": "https://juiceshop.akto.io/"
    },
    "testSourceConfig": "null"
  }
}

200

description

{
  "filterSubCategory": "null",
  "vulnerableRequests": "null",
  "issueId": {
    "testSubCategory": "CHANGE_METHOD_TO_DELETE",
    "testErrorSource": "AUTOMATED_TESTING",
    "testCategoryFromSourceConfig": "null",
    "apiInfoKey": {
      "method": "GET",
      "apiCollectionId": 1679459648,
      "url": "https://juiceshop.akto.io/"
    },
    "testSourceConfig": "null"
  },
  "filterCollectionsId": "null",
  "similarlyAffectedIssues": [
    {
      "severity": "HIGH",
      "lastSeen": 1684301995,
      "creationTime": 1684301995,
      "testRunIssueStatus": "OPEN",
      "latestTestingRunSummaryId": {
        "date": "2023-05-17T11:09:37",
        "timestamp": 1684301977
      },
      "ignoreReason": "null",
      "id": {
        "testSubCategory": "CHANGE_METHOD_TO_DELETE",
        "testErrorSource": "AUTOMATED_TESTING",
        "testCategoryFromSourceConfig": "null",
        "apiInfoKey": {
          "method": "GET",
          "apiCollectionId": 1679462413,
          "url": "https://backend.getbeamer.com/initialize"
        },
        "testSourceConfig": "null"
      }
    }
  ],
  "filterStatus": "null",
  "skip": 0,
  "filterSeverity": "null",
  "startEpoch": 0,
  "issueIdArray": "null",
  "testSourceConfigs": "null",
  "issues": "null",
  "subCategories": "null",
  "totalIssuesCount": 0,
  "testingRunResult": "null",
  "ignoreReason": "null",
  "limit": 0,
  "categories": "null",
  "statusToBeUpdated": "null"
}

POST request for endpoint /api/fetchTagConfigs

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

post

/api/fetchTagConfigs

POST /api/fetchTagConfigs HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{
  "tagConfigs": {
    "tagConfigs": [
      {
        "name": "API",
        "creatorId": 1679380132,
        "active": true,
        "id": {
          "date": "2023-03-22T10:52:11",
          "timestamp": 1679462531
        },
        "keyConditions": {
          "predicates": [
            {
              "type": "REGEX",
              "value": ".*api.*"
            }
          ],
          "operator": "AND"
        },
        "timestamp": 1679462531
      }
    ],
    "usersMap": {
      "NUMBER": "null"
    }
  },
  "tagConfig": "null",
  "name": "null",
  "active": false,
  "keyConditionFromUsers": "null",
  "createNew": false,
  "keyOperator": "null"
}

POST request for endpoint /api/loadContent

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

apiCollectionIdinteger · int32OptionalExample: 1684477780

Responses

200

description

application/json

Responseobject

Sample description

post

/api/loadContent

POST /api/loadContent HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 30

{
  "apiCollectionId": 1684477780
}

200

description

{}

POST request for endpoint /api/retrieveAllCollectionTests

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

fetchCicdbooleanOptionalExample: false

Responses

200

description

application/json

post

/api/retrieveAllCollectionTests

POST /api/retrieveAllCollectionTests HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 19

{
  "fetchCicd": false
}

200

description

{
  "metadata": "null",
  "testingRunResults": "null",
  "testingRunResultSummaries": "null",
  "runIssues": "null",
  "selectedTests": "null",
  "maxConcurrentRequests": 0,
  "recurringDaily": false,
  "workflowTest": "null",
  "authMechanism": {
    "authParams": [
      {
        "showHeader": true,
        "where": "HEADER",
        "value": "text",
        "key": "access-token"
      }
    ],
    "id": {
      "date": "2023-03-22T12:11:33",
      "timestamp": 1679467293
    },
    "type": "HARDCODED",
    "uuid": "83c47038-0770-4f7c-946c-539b5927a97f"
  },
  "testingRunResult": "null",
  "fetchCicd": false,
  "testingRun": "null",
  "testRunTime": 0,
  "testingRunHexId": "null",
  "endTimestamp": 1684564190,
  "startTimestamp": 1684477790,
  "testName": "null"
}

POST request for endpoint /api/fetchPostmanWorkspaces

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

api_keystringOptionalExample: PMAK-646733223asdasas579bbdd-dca753sdufhgy98erhwui245f12102

Responses

200

description

application/json

post

/api/fetchPostmanWorkspaces

POST /api/fetchPostmanWorkspaces HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 73

{
  "api_key": "PMAK-646733223asdasas579bbdd-dca753sdufhgy98erhwui245f12102"
}

200

description

{
  "postmanCred": "{}",
  "workspaces": [
    {
      "name": "My Workspace",
      "id": "48dada0a-f1c4-499d-8d4b-0bcbc2ff016f",
      "type": "personal"
    }
  ]
}

POST request for endpoint /api/fetchQuickStartPageState

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

post

/api/fetchQuickStartPageState

POST /api/fetchQuickStartPageState HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{
  "aktoMirroringStackName": "null",
  "awsRegion": "null",
  "awsAccountId": "null",
  "aktoDashboardStackName": "null",
  "configuredItems": [
    "BURP"
  ],
  "aktoDashboardRoleName": "null"
}

POST request for endpoint /api/importDataFromPostmanFile

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

postmanCollectionFilestringOptionalExample:

{ "info": { "_postman_id": "c144967f-ca7f-4d01-a2a3-b171512d11e7", "name": "test01", "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json", "_exporter_id": "16638923" }, "item": [ { "name": "req01", "request": { "method": "GET", "header": [], "url": { "raw": "url01?p01=v01&p02&p03", "host": [ "url01" ], "query": [ { "key": "p01", "value": "v01" }, { "key": "p02", "value": null }, { "key": "p03", "value": null } ] } }, "response": [] }, { "name": "re02", "request": { "auth": { "type": "apikey", "apikey": [ { "key": "value", "value": "", "type": "string" }, { "key": "key", "value": "k01", "type": "string" } ] }, "method": "POST", "header": [ { "key": "h01", "value": "", "type": "default" }, { "key": "h02", "value": "", "type": "default" } ], "url": { "raw": "re102?p01&p02&p03&p04", "host": [ "re102" ], "query": [ { "key": "p01", "value": null }, { "key": "p02", "value": null }, { "key": "p03", "value": null }, { "key": "p04", "value": null } ] } }, "response": [] }, { "name": "r03", "request": { "method": "DELETE", "header": [], "url": { "raw": "d01?p01", "host": [ "d01" ], "query": [ { "key": "p01", "value": null } ] } }, "response": [] } ] }

allowReplaybooleanOptionalExample: true

Responses

200

description

application/json

post

/api/importDataFromPostmanFile

POST /api/importDataFromPostmanFile HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2668

{
  "postmanCollectionFile": "{\n\t\"info\": {\n\t\t\"_postman_id\": \"c144967f-ca7f-4d01-a2a3-b171512d11e7\",\n\t\t\"name\": \"test01\",\n\t\t\"schema\": \"https://schema.getpostman.com/json/collection/v2.1.0/collection.json\",\n\t\t\"_exporter_id\": \"16638923\"\n\t},\n\t\"item\": [\n\t\t{\n\t\t\t\"name\": \"req01\",\n\t\t\t\"request\": {\n\t\t\t\t\"method\": \"GET\",\n\t\t\t\t\"header\": [],\n\t\t\t\t\"url\": {\n\t\t\t\t\t\"raw\": \"url01?p01=v01&p02&p03\",\n\t\t\t\t\t\"host\": [\n\t\t\t\t\t\t\"url01\"\n\t\t\t\t\t],\n\t\t\t\t\t\"query\": [\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\"key\": \"p01\",\n\t\t\t\t\t\t\t\"value\": \"v01\"\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\"key\": \"p02\",\n\t\t\t\t\t\t\t\"value\": null\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\"key\": \"p03\",\n\t\t\t\t\t\t\t\"value\": null\n\t\t\t\t\t\t}\n\t\t\t\t\t]\n\t\t\t\t}\n\t\t\t},\n\t\t\t\"response\": []\n\t\t},\n\t\t{\n\t\t\t\"name\": \"re02\",\n\t\t\t\"request\": {\n\t\t\t\t\"auth\": {\n\t\t\t\t\t\"type\": \"apikey\",\n\t\t\t\t\t\"apikey\": [\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\"key\": \"value\",\n\t\t\t\t\t\t\t\"value\": \"\",\n\t\t\t\t\t\t\t\"type\": \"string\"\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\"key\": \"key\",\n\t\t\t\t\t\t\t\"value\": \"k01\",\n\t\t\t\t\t\t\t\"type\": \"string\"\n\t\t\t\t\t\t}\n\t\t\t\t\t]\n\t\t\t\t},\n\t\t\t\t\"method\": \"POST\",\n\t\t\t\t\"header\": [\n\t\t\t\t\t{\n\t\t\t\t\t\t\"key\": \"h01\",\n\t\t\t\t\t\t\"value\": \"\",\n\t\t\t\t\t\t\"type\": \"default\"\n\t\t\t\t\t},\n\t\t\t\t\t{\n\t\t\t\t\t\t\"key\": \"h02\",\n\t\t\t\t\t\t\"value\": \"\",\n\t\t\t\t\t\t\"type\": \"default\"\n\t\t\t\t\t}\n\t\t\t\t],\n\t\t\t\t\"url\": {\n\t\t\t\t\t\"raw\": \"re102?p01&p02&p03&p04\",\n\t\t\t\t\t\"host\": [\n\t\t\t\t\t\t\"re102\"\n\t\t\t\t\t],\n\t\t\t\t\t\"query\": [\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\"key\": \"p01\",\n\t\t\t\t\t\t\t\"value\": null\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\"key\": \"p02\",\n\t\t\t\t\t\t\t\"value\": null\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\"key\": \"p03\",\n\t\t\t\t\t\t\t\"value\": null\n\t\t\t\t\t\t},\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\"key\": \"p04\",\n\t\t\t\t\t\t\t\"value\": null\n\t\t\t\t\t\t}\n\t\t\t\t\t]\n\t\t\t\t}\n\t\t\t},\n\t\t\t\"response\": []\n\t\t},\n\t\t{\n\t\t\t\"name\": \"r03\",\n\t\t\t\"request\": {\n\t\t\t\t\"method\": \"DELETE\",\n\t\t\t\t\"header\": [],\n\t\t\t\t\"url\": {\n\t\t\t\t\t\"raw\": \"d01?p01\",\n\t\t\t\t\t\"host\": [\n\t\t\t\t\t\t\"d01\"\n\t\t\t\t\t],\n\t\t\t\t\t\"query\": [\n\t\t\t\t\t\t{\n\t\t\t\t\t\t\t\"key\": \"p01\",\n\t\t\t\t\t\t\t\"value\": null\n\t\t\t\t\t\t}\n\t\t\t\t\t]\n\t\t\t\t}\n\t\t\t},\n\t\t\t\"response\": []\n\t\t}\n\t]\n}",
  "allowReplay": true
}

200

description

{
  "postmanCred": "{}",
  "workspaces": "null"
}

POST request for endpoint /api/fetchAPICollection

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

useHostbooleanOptionalExample: false

apiCollectionIdinteger · int32OptionalExample: 1684477780

Responses

200

description

application/json

post

/api/fetchAPICollection

POST /api/fetchAPICollection HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 46

{
  "useHost": false,
  "apiCollectionId": 1684477780
}

200

description

{
  "data": {
    "endpoints": [
      {
        "startTs": 1684477861,
        "changesCount": 67,
        "_id": {
          "method": "POST",
          "apiCollectionId": 1684477780,
          "url": "/api/fetchTestRunResultDetails",
          "tags": [
            "API"
          ]
        }
      }
    ],
    "apiInfoList": [
      {
        "lastSeen": 1684477862,
        "actualAuthType": [
          "JWT"
        ],
        "allAuthTypesFound": [
          [
            "JWT"
          ]
        ],
        "violations": "{}",
        "id": {
          "method": "POST",
          "apiCollectionId": 1684477780,
          "url": "/api/fetchTestRunResultDetails"
        }
      }
    ]
  }
}

POST request for endpoint /api/fetchAllSubCategories

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

Responseobject

AKTO_ERROR while building schema

post

/api/fetchAllSubCategories

POST /api/fetchAllSubCategories HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{}

POST request for endpoint /api/fetchNewParametersTrend

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

endTimestampinteger · int32OptionalExample: 1684477941

startTimestampinteger · int32OptionalExample: 1679293941

Responses

200

description

application/json

post

/api/fetchNewParametersTrend

POST /api/fetchNewParametersTrend HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 55

{
  "endTimestamp": 1684477941,
  "startTimestamp": 1679293941
}

200

description

{
  "data": {
    "endpoints": [
      {
        "count": 3892,
        "_id": 19496
      }
    ]
  }
}

POST request for endpoint /api/fetchFilters

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

post

/api/fetchFilters

POST /api/fetchFilters HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{
  "runtimeFilters": [
    {
      "useCase": "DETERMINE_API_ACCESS_TYPE",
      "customFilterList": [
        {
          "endValue": 299,
          "startValue": 200
        }
      ],
      "name": "Open Endpoints",
      "id": 1679459648,
      "customFiltersOperator": "AND",
      "customFieldName": "access_type"
    }
  ]
}

POST request for endpoint /api/fetchTestRoles

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

post

/api/fetchTestRoles

POST /api/fetchTestRoles HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{
  "testRoles": [
    {
      "authMechanism": {
        "authParams": [
          {
            "showHeader": true,
            "where": "HEADER",
            "value": "eyJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJBa3RvIiwic3ViIjoibG9naW4iLCJzaWduZWRVcCI6InRydWUiLCJ1c2VybmFtZSI6ImFua3VzaEBha3RvLmlvIiwiaWF0IjoxNjc5NDY3MjQxLCJleHAiOjE2Nzk0NjgxNDF9.HAK__lPJUyeGIFCqNPdstCDAYZYzIQTMmJfRLKWTYRKGnZDX6TF2XWs756SflLJYLRl9vE8LONPB5D1ij2LZpokP1rtYGDVe7e2PtgPqlEumoK4xMutucT6i42QStBTaSimVXcU4k9lwr3n4thL-lZt1KNctcsdG4cXvdOoMV6oAClQEJpgAChbO8WAHunIgQQ3vsCUXTOEEqy0atJEeed4UnXut3810g1QuCbJtKGn1I7lqh99MrQnE_T33TNIIpWJ_VeZgunroURFCMTaMJSyc8h2UiM8Bx60SGyDE6G7kwODYBRx_OKWTW-V0jV9GTTzhIYcDNBqkZ3O0uADO1w",
            "key": "access-token"
          }
        ],
        "id": "null",
        "requestData": "null",
        "type": "HARDCODED",
        "uuid": "25edec4b-b739-468c-9517-7869ce6bddbf"
      },
      "createdBy": "[email protected]",
      "name": "ADMIN",
      "lastUpdatedTs": 1679467896,
      "endpointLogicalGroupId": {
        "date": "2023-03-22T11:43:13",
        "timestamp": 1679465559
      },
      "id": {
        "date": "2023-03-22T11:43:13",
        "timestamp": 1679465559
      },
      "createdTs": 1679465559,
      "endpointLogicalGroup": {
        "groupName": "MEMBER_endpoint-logical-group",
        "createdBy": "[email protected]",
        "testingEndpoints": {
          "andConditions": "null",
          "type": "LOGICAL_GROUP",
          "orConditions": {
            "predicates": [
              {
                "type": "CONTAINS",
                "value": "api"
              }
            ],
            "operator": "OR"
          }
        },
        "id": {
          "date": "2023-03-22T11:43:13",
          "timestamp": 1679465559
        },
        "updatedTs": 1679467896,
        "createdTs": 1679465559
      }
    }
  ],
  "roleName": "null",
  "andConditions": "null",
  "selectedRole": "null",
  "orConditions": "null"
}

POST request for endpoint /api/fetchSubTypeCountMap

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

endTimestampinteger · int32OptionalExample: 1684478055

startTimestampinteger · int32OptionalExample: 0

Responses

200

description

application/json

post

/api/fetchSubTypeCountMap

POST /api/fetchSubTypeCountMap HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 46

{
  "endTimestamp": 1684478055,
  "startTimestamp": 0
}

200

description

{
  "listOfEndpointsInCollection": "null",
  "endpoints": "null",
  "method": "null",
  "skip": 0,
  "apiCollectionId": -1,
  "filters": "null",
  "url": "null",
  "filterOperators": "null",
  "urls": "null",
  "sortKey": "null",
  "response": {
    "subTypeCountMap": {
      "REQUEST": {
        "USERNAME": 2,
        "PHONE_NUMBER": 1,
        "EMAIL": 7
      },
      "RESPONSE": {
        "JWT": 15,
        "USERNAME": 5,
        "IP_ADDRESS": 1,
        "EMAIL": 26,
        "TOKEN": 1,
        "SECRET": 3
      }
    }
  },
  "sortOrder": 0,
  "limit": 0
}

POST request for endpoint /api/fetchIssueFromTestRunResultDetails

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

testingRunResultHexIdstringOptionalExample: 6464783658e3a17b14ddfa67

Responses

200

description

application/json

post

/api/fetchIssueFromTestRunResultDetails

POST /api/fetchIssueFromTestRunResultDetails HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 52

{
  "testingRunResultHexId": "6464783658e3a17b14ddfa67"
}

200

description

{
  "metadata": "null",
  "testingRunResults": "null",
  "testingRunResultSummaries": "null",
  "runIssues": {
    "severity": "HIGH",
    "lastSeen": 1684305974,
    "creationTime": 1684305974,
    "testRunIssueStatus": "OPEN",
    "ignoreReason": "null",
    "latestTestingRunSummaryId": {
      "date": "2023-05-17T12:16:08",
      "timestamp": 1684305968
    },
    "id": {
      "testSubCategory": "CHANGE_METHOD_TO_DELETE",
      "testErrorSource": "AUTOMATED_TESTING",
      "testCategoryFromSourceConfig": "null",
      "apiInfoKey": {
        "method": "GET",
        "apiCollectionId": 1679459648,
        "url": "https://juiceshop.akto.io/"
      },
      "testSourceConfig": "null"
    }
  },
  "selectedTests": "null",
  "maxConcurrentRequests": 0,
  "testingRuns": "null",
  "recurringDaily": false,
  "workflowTest": "null",
  "authMechanism": "null",
  "testingRunResult": "null",
  "fetchCicd": false,
  "testingRun": "null",
  "testRunTime": 0,
  "testingRunHexId": "null",
  "endTimestamp": 0,
  "startTimestamp": 0,
  "testName": "null"
}

POST request for endpoint /api/fetchSearchTestResults

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

searchTextstringOptional

Responses

200

description

application/json

post

/api/fetchSearchTestResults

POST /api/fetchSearchTestResults HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 17

{
  "searchText": ""
}

200

description

{
  "severity": "null",
  "searchText": "",
  "description": "null",
  "defaultCreator": false,
  "inbuiltTests": [
    {
      "issueTags": [
        "Business logic"
      ],
      "issueImpact": "text",
      "superCategory": {
        "severity": {
          "_name": "HIGH"
        },
        "displayName": "Broken Object Level Authorization (BOLA)",
        "name": "SSRF",
        "shortName": "Broken Function Level Authorization"
      },
      "references": "null",
      "_name": "ADD_PUT_METHOD_OVERRIDE_HEADERS",
      "name": "ADD_PUT_METHOD_OVERRIDE_HEADERS",
      "issueDetails": "\"The endpoint appears to be vulnerable to Server Side Request Forgery attack. The original request was replayed by replacing CSV upload parameter with url that redirects to AWS IMDS endpoint. The application responded with 2XX success code and also gave out sensitive AWS information in response. Server-Side Request Forgery (SSRF) flaws occur whenever an API is fetching a remote resource without validating the user-supplied URL. It allows an attacker to coerce the application to send a crafted request to an unexpected destination, even when protected by a firewall or a VPN.\\n \"Modern concepts in application development make SSRF more common and more dangerous.\\n\" \"More common - the following concepts encourage developers to access an external resource based on user input: Webhooks, file fetching from URLs, custom SSO, and URL previews.\\n\" \"More dangerous - Modern technologies like cloud providers, Kubernetes, and Docker expose management and control channels over HTTP on predictable, well-known paths. Those channels are an easy target for an SSRF attack.\\n\" \"It is also more challenging to limit outbound traffic from your application, because of the connected nature of modern applications.\\n\" + \"The SSRF risk can not always be completely eliminated. While choosing a protection mechanism, it is important to consider the business risks and needs.\"\n",
      "issueDescription": "Quite often, APIs do not impose any restrictions on the size or number of resources that can be requested by the user.",
      "testName": "BFLA by HTTP DELETE method overriding"
    }
  ],
  "categories": [
    {
      "severity": {
        "_name": "HIGH"
      },
      "_name": "SSRF",
      "displayName": "Improper Assets Management (IAM)",
      "name": "SSRF",
      "shortName": "Broken Function Level Authorization"
    }
  ],
  "testSourceConfigs": "null",
  "category": "null",
  "subcategory": "null",
  "searchResults": [
    {
      "severity": {
        "_name": "HIGH"
      },
      "creator": "default",
      "addedEpoch": 1679402464,
      "description": "",
      "stars": 0,
      "id": "https://github.com/akto-api-security/tests-library/blob/master/Misconfiguration/configs/appspec-yml-disclosure.yaml",
      "category": {
        "severity": {
          "_name": "HIGH"
        },
        "_name": "INJ",
        "displayName": "Broken Object Level Authorization (BOLA)",
        "name": "INJ",
        "shortName": "Injection"
      },
      "subcategory": "redirect",
      "installs": 0,
      "tags": "null"
    }
  ],
  "url": "null",
  "tags": "null"
}

POST request for endpoint /api/fetchSensitiveSampleData

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

methodstringOptionalExample: POST

apiCollectionIdinteger · int32OptionalExample: 1684477780

urlstringOptionalExample: /api/fetchQuickStartPageState

Responses

200

description

application/json

post

/api/fetchSensitiveSampleData

POST /api/fetchSensitiveSampleData HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 84

{
  "method": "POST",
  "apiCollectionId": 1684477780,
  "url": "/api/fetchQuickStartPageState"
}

200

description

{
  "sensitiveSampleData": "{}",
  "sampleDataList": "null",
  "traffic": "{}"
}

POST request for endpoint /api/loadParamsOfEndpoint

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

methodstringOptionalExample: POST

apiCollectionIdinteger · int32OptionalExample: 1684477780

urlstringOptionalExample: /api/fetchQuickStartPageState

Responses

200

description

application/json

post

/api/loadParamsOfEndpoint

POST /api/loadParamsOfEndpoint HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 84

{
  "method": "POST",
  "apiCollectionId": 1684477780,
  "url": "/api/fetchQuickStartPageState"
}

200

description

{
  "data": {
    "params": [
      {
        "isUrlParam": false,
        "method": "POST",
        "maxValue": -9223372036854675000,
        "values": {
          "elements": [
            "http://localhost:8080"
          ]
        },
        "count": 5,
        "isPrivate": true,
        "apiCollectionId": 1684477780,
        "sensitive": false,
        "url": "/api/fetchQuickStartPageState",
        "responseCode": 200,
        "duration": 0,
        "minValue": 9223372036854675000,
        "lastSeen": 1684477861,
        "publicCount": 0,
        "param": "date",
        "isHeader": true,
        "subTypeString": "GENERIC",
        "domain": "ENUM",
        "subType": {
          "sensitiveAlways": false,
          "name": "GENERIC",
          "swaggerSchemaClass": "class io.swagger.v3.oas.models.media.StringSchema",
          "sensitivePosition": [
            "RESPONSE_PAYLOAD"
          ],
          "superType": "STRING"
        },
        "timestamp": 1684477861,
        "uniqueCount": 0
      }
    ]
  }
}

POST request for endpoint /api/getAllCollections

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

post

/api/getAllCollections

POST /api/getAllCollections HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{
  "apiCollections": [
    {
      "hostName": "null",
      "urlsCount": 0,
      "vxlanId": 0,
      "displayName": "AktoSwagger",
      "name": "AktoSwagger",
      "startTs": 1679462413,
      "id": 0
    }
  ],
  "apiCollectionId": 0
}

POST request for endpoint /api/updateIssueStatus

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

ignoreReasonstringOptionalExample: No time to fix

statusToBeUpdatedstringOptionalExample: IGNORED

Responses

200

description

application/json

post

/api/updateIssueStatus

POST /api/updateIssueStatus HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 318

{
  "issueId": {
    "testSubCategory": "REMOVE_TOKENS",
    "testErrorSource": "AUTOMATED_TESTING",
    "testCategoryFromSourceConfig": "null",
    "apiInfoKey": {
      "method": "GET",
      "apiCollectionId": 1679462413,
      "url": "http://localhost:8080/api/updateProfile"
    },
    "testSourceConfig": "null"
  },
  "ignoreReason": "No time to fix",
  "statusToBeUpdated": "IGNORED"
}

200

description

{
  "filterSubCategory": "null",
  "vulnerableRequests": "null",
  "issueId": {
    "testSubCategory": "REMOVE_TOKENS",
    "testErrorSource": "AUTOMATED_TESTING",
    "testCategoryFromSourceConfig": "null",
    "apiInfoKey": {
      "method": "GET",
      "apiCollectionId": 1679462413,
      "url": "http://localhost:8080/api/updateProfile"
    },
    "testSourceConfig": "null"
  },
  "filterCollectionsId": "null",
  "similarlyAffectedIssues": "null",
  "filterStatus": "null",
  "skip": 0,
  "filterSeverity": "null",
  "startEpoch": 0,
  "issueIdArray": "null",
  "testSourceConfigs": "null",
  "issues": "null",
  "subCategories": "null",
  "totalIssuesCount": 0,
  "testingRunResult": "null",
  "ignoreReason": "null",
  "limit": 0,
  "categories": "null",
  "statusToBeUpdated": "OPEN"
}

POST request for endpoint /api/fetchAktoGptConfig

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

apiCollectionIdinteger · int32OptionalExample: 1684477780

Responses

200

description

application/json

post

/api/fetchAktoGptConfig

POST /api/fetchAktoGptConfig HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 30

{
  "apiCollectionId": 1684477780
}

200

description

{
  "apiCollectionId": 1684477780,
  "currentState": [
    {
      "state": "ENABLED",
      "id": 1684477780,
      "collectionName": "AktoSwagger"
    }
  ]
}

POST request for endpoint /api/fetchDataTypeNames

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

post

/api/fetchDataTypeNames

POST /api/fetchDataTypeNames HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{
  "totalSampleDataCount": 0,
  "dataTypes": "null",
  "currentProcessed": 0,
  "customSubTypeMatches": "null",
  "customDataType": "null",
  "allDataTypes": [
    "IBAN EUROPE"
  ],
  "sensitivePosition": "null",
  "aktoDataType": "null"
}

POST request for endpoint /api/loadRecentEndpoints

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

endTimestampinteger · int32OptionalExample: 1684477941

startTimestampinteger · int32OptionalExample: 1679293941

Responses

200

description

application/json

post

/api/loadRecentEndpoints

POST /api/loadRecentEndpoints HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 55

{
  "endTimestamp": 1684477941,
  "startTimestamp": 1679293941
}

200

description

{
  "data": {
    "endpoints": [
      {
        "count": 1,
        "countTs": 44,
        "startTs": 1679927524,
        "_id": {
          "method": "POST",
          "apiCollectionId": 1679462413,
          "url": "http://localhost:8080/api/updateProfile",
          "tags": [
            "API"
          ]
        }
      }
    ],
    "apiInfoList": [
      {
        "lastSeen": 1684477751,
        "actualAuthType": [
          "AUTHORIZATION_HEADER"
        ],
        "allAuthTypesFound": [
          [
            "AUTHORIZATION_HEADER"
          ]
        ],
        "violations": "{}",
        "id": {
          "method": "POST",
          "apiCollectionId": 1681120246,
          "url": "/api/fetchTestRunResultDetails"
        }
      }
    ]
  }
}

POST request for endpoint /api/fetchAllIssues

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

limitinteger · int32OptionalExample: 20

filterStatusstring[]OptionalExample: OPEN

skipinteger · int32OptionalExample: 0

startEpochinteger · int32OptionalExample: 0

Responses

200

description

application/json

post

/api/fetchAllIssues

POST /api/fetchAllIssues HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 60

{
  "limit": 20,
  "filterStatus": [
    "OPEN"
  ],
  "skip": 0,
  "startEpoch": 0
}

200

description

{
  "vulnerableRequests": "null",
  "issueId": "null",
  "similarlyAffectedIssues": "null",
  "filterStatus": [
    "OPEN"
  ],
  "skip": 0,
  "startEpoch": 0,
  "issueIdArray": "null",
  "testSourceConfigs": "null",
  "issues": [
    {
      "severity": "HIGH",
      "lastSeen": 1684304084,
      "creationTime": 1684304084,
      "testRunIssueStatus": "OPEN",
      "latestTestingRunSummaryId": {
        "date": "2023-05-17T12:16:08",
        "timestamp": 1684301977
      },
      "ignoreReason": "null",
      "id": {
        "testSubCategory": "ADD_PUT_METHOD_OVERRIDE_HEADERS",
        "testErrorSource": "AUTOMATED_TESTING",
        "testCategoryFromSourceConfig": "null",
        "apiInfoKey": {
          "method": "POST",
          "apiCollectionId": 1679462413,
          "url": "http://localhost:8080/api/updateProfile"
        },
        "testSourceConfig": "null"
      }
    }
  ],
  "subCategories": "null",
  "totalIssuesCount": 299,
  "testingRunResult": "null",
  "ignoreReason": "null",
  "limit": 20,
  "categories": "null",
  "statusToBeUpdated": "null"
}

POST request for endpoint /api/addTestRoles

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

roleNamestringOptionalExample: GUEST

Responses

200

description

application/json

post

/api/addTestRoles

POST /api/addTestRoles HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 108

{
  "roleName": "GUEST",
  "orConditions": {
    "predicates": [
      {
        "type": "CONTAINS",
        "value": "api/user/"
      }
    ],
    "operator": "OR"
  }
}

200

description

{
  "testRoles": "null",
  "roleName": "GUEST",
  "andConditions": "null",
  "selectedRole": {
    "createdBy": "[email protected]",
    "authMechanism": "null",
    "name": "GUEST",
    "lastUpdatedTs": 1684477847,
    "id": {
      "date": "2023-05-19T12:00:47",
      "timestamp": 1684477847
    },
    "endpointLogicalGroupId": {
      "date": "2023-05-19T12:00:47",
      "timestamp": 1684477847
    },
    "createdTs": 1684477847,
    "endpointLogicalGroup": {
      "groupName": "GUEST_endpoint-logical-group",
      "createdBy": "[email protected]",
      "testingEndpoints": {
        "andConditions": "null",
        "type": "LOGICAL_GROUP",
        "orConditions": {
          "predicates": [
            {
              "type": "CONTAINS",
              "value": "api/user/"
            }
          ],
          "operator": "OR"
        }
      },
      "id": {
        "date": "2023-05-19T12:00:47",
        "timestamp": 1684477847
      },
      "updatedTs": 1684477847,
      "createdTs": 1684477847
    }
  },
  "orConditions": {
    "predicates": [
      {
        "type": "CONTAINS",
        "value": "api/user/"
      }
    ],
    "operator": "OR"
  }
}

POST request for endpoint /api/fetchTestingRunResults

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

testingRunResultSummaryHexIdstringOptionalExample: 6464783058e3a17b14ddf64e

Responses

200

description

application/json

post

/api/fetchTestingRunResults

POST /api/fetchTestingRunResults HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 59

{
  "testingRunResultSummaryHexId": "6464783058e3a17b14ddf64e"
}

200

description

{
  "metadata": "null",
  "testingRunResults": [
    {
      "testResults": "null",
      "testRunResultSummaryId": {
        "date": "2023-05-17T12:16:08",
        "timestamp": 1684305968
      },
      "testRunId": {
        "date": "2023-05-17T12:14:33",
        "timestamp": 1684305873
      },
      "singleTypeInfos": "null",
      "vulnerable": true,
      "testSubType": "CHANGE_METHOD_TO_GET",
      "testSuperType": "BFLA",
      "apiInfoKey": {
        "method": "POST",
        "apiCollectionId": 1679459648,
        "url": "https://juiceshop.akto.io/rest/basket/6"
      },
      "id": {
        "date": "2023-05-17T12:16:13",
        "timestamp": 1684305973
      },
      "confidencePercentage": 100,
      "endTimestamp": 1684305972,
      "startTimestamp": 1684305972,
      "hexId": "6464783658e3a17b14ddfa47"
    }
  ],
  "testingRunResultSummaries": "null",
  "runIssues": "null",
  "selectedTests": "null",
  "maxConcurrentRequests": 0,
  "testingRuns": "null",
  "recurringDaily": false,
  "workflowTest": "null",
  "authMechanism": "null",
  "testingRunResult": "null",
  "fetchCicd": false,
  "testingRun": "null",
  "testRunTime": 0,
  "testingRunHexId": "null",
  "endTimestamp": 0,
  "startTimestamp": 0,
  "testName": "null"
}

POST request for endpoint /api/fetchAllMarketplaceSubcategories

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

Responseobject

AKTO_ERROR while building schema

post

/api/fetchAllMarketplaceSubcategories

POST /api/fetchAllMarketplaceSubcategories HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{}

POST request for endpoint /api/fetchSensitiveParamsForEndpoints

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

urlsstring[]OptionalExample: http://localhost:8080/api/updateProfile

Responses

200

description

application/json

post

/api/fetchSensitiveParamsForEndpoints

POST /api/fetchSensitiveParamsForEndpoints HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 52

{
  "urls": [
    "http://localhost:8080/api/updateProfile"
  ]
}

200

description

{
  "data": {
    "endpoints": [
      {
        "isUrlParam": false,
        "method": "POST",
        "maxValue": -9223372036854675000,
        "count": 11,
        "sensitive": true,
        "apiCollectionId": 1679462413,
        "isPrivate": true,
        "url": "https://forms.hscollectedforms.net:443/collected-forms/submit/form",
        "responseCode": 200,
        "duration": 0,
        "minValue": 9223372036854675000,
        "lastSeen": 1681120336,
        "publicCount": 0,
        "param": "testingRun#userEmail",
        "subTypeString": "JWT",
        "isHeader": true,
        "domain": "ENUM",
        "subType": {
          "sensitiveAlways": true,
          "name": "JWT",
          "swaggerSchemaClass": "class io.swagger.v3.oas.models.media.EmailSchema",
          "sensitivePosition": [
            "RESPONSE_PAYLOAD"
          ],
          "superType": "CUSTOM"
        },
        "uniqueCount": 0,
        "timestamp": 1681120336
      }
    ]
  }
}

POST request for endpoint /api/getPostmanCredential

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

post

/api/getPostmanCredential

POST /api/getPostmanCredential HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{
  "postmanCred": "{}",
  "workspaces": "null"
}

POST request for endpoint /api/importPostmanWorkspace

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

workspace_idstringOptionalExample: 48dada0a-f1c4-499d-8d4b-0bcbc2ff016f

api_keystringOptionalExample: PMAK-646733223asdasas579bbdd-dca753sdufhgy98erhwui245f12102

allowReplaybooleanOptionalExample: true

Responses

200

description

application/json

post

/api/importPostmanWorkspace

POST /api/importPostmanWorkspace HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 146

{
  "workspace_id": "48dada0a-f1c4-499d-8d4b-0bcbc2ff016f",
  "api_key": "PMAK-646733223asdasas579bbdd-dca753sdufhgy98erhwui245f12102",
  "allowReplay": true
}

200

description

{
  "postmanCred": "{}",
  "workspaces": "null"
}

POST request for endpoint /api/fetchChanges

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

requestbooleanOptionalExample: false

sortKeystringOptionalExample: timestamp

sortOrderinteger · int32OptionalExample: -1

limitinteger · int32OptionalExample: 100

skipinteger · int32OptionalExample: 0

sensitivebooleanOptionalExample: false

endTimestampinteger · int32OptionalExample: 1684477941

startTimestampinteger · int32OptionalExample: 1679293941

Responses

200

description

application/json

post

/api/fetchChanges

POST /api/fetchChanges HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 303

{
  "request": false,
  "filterOperators": {
    "color": "OR",
    "method": "OR",
    "param": "OR",
    "isHeader": "OR",
    "domain": "OR",
    "subType": "OR",
    "apiCollectionId": "OR",
    "url": "OR",
    "timestamp": "OR"
  },
  "sortKey": "timestamp",
  "sortOrder": -1,
  "limit": 100,
  "skip": 0,
  "sensitive": false,
  "endTimestamp": 1684477941,
  "startTimestamp": 1679293941
}

200

description

{
  "listOfEndpointsInCollection": "null",
  "filterOperators": {
    "color": "OR",
    "method": "OR",
    "param": "OR",
    "isHeader": "OR",
    "domain": "OR",
    "subType": "OR",
    "apiCollectionId": "OR",
    "url": "OR",
    "timestamp": "OR"
  },
  "urls": "null",
  "endpoints": "null",
  "sortKey": "timestamp",
  "method": "null",
  "response": {
    "data": {
      "endpoints": [
        {
          "isUrlParam": false,
          "method": "POST",
          "maxValue": -9223372036854675000,
          "values": {
            "elements": [
              "http://localhost:8080/api/updateProfile"
            ]
          },
          "count": 2,
          "isPrivate": true,
          "apiCollectionId": 1684477780,
          "sensitive": true,
          "url": "/api/fetchEndpointTrafficData",
          "responseCode": 200,
          "duration": 0,
          "minValue": -9223372036854675000,
          "lastSeen": 1684477920,
          "publicCount": 0,
          "param": "date",
          "isHeader": true,
          "subTypeString": "OTHER",
          "domain": "ENUM",
          "subType": {
            "sensitiveAlways": true,
            "swaggerSchemaClass": "class io.swagger.v3.oas.models.media.BooleanSchema",
            "name": "OTHER",
            "superType": "FLOAT"
          },
          "timestamp": 1684477931,
          "uniqueCount": 0
        }
      ],
      "total": 10604
    }
  },
  "sortOrder": -1,
  "limit": 100,
  "skip": 0,
  "apiCollectionId": -1,
  "url": "null"
}

POST request for endpoint /api/addSensitiveField

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

isUrlParambooleanOptionalExample: false

methodstringOptionalExample: POST

maxValueinteger · int32OptionalExample: 1000000

countinteger · int32OptionalExample: 9

apiCollectionIdinteger · int32OptionalExample: 1684477780

isPrivatebooleanOptionalExample: true

sensitivebooleanOptionalExample: true

urlstringOptionalExample: /api/retrieveAllCollectionTests

responseCodeinteger · int32OptionalExample: -1

durationinteger · int32OptionalExample: 0

minValueinteger · int32OptionalExample: 1000000

lastSeeninteger · int32OptionalExample: 1684477801

publicCountinteger · int32OptionalExample: 0

paramstringOptionalExample: account

isHeaderbooleanOptionalExample: true

subTypeStringstringOptionalExample: INTEGER_32

domainstringOptionalExample: ENUM

timestampinteger · int32OptionalExample: 1684477791

uniqueCountinteger · int32OptionalExample: 0

Responses

200

description

application/json

post

/api/addSensitiveField

POST /api/addSensitiveField HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 558

{
  "isUrlParam": false,
  "method": "POST",
  "maxValue": 1000000,
  "values": {
    "elements": [
      1000000
    ]
  },
  "count": 9,
  "apiCollectionId": 1684477780,
  "isPrivate": true,
  "sensitive": true,
  "url": "/api/retrieveAllCollectionTests",
  "responseCode": -1,
  "duration": 0,
  "minValue": 1000000,
  "lastSeen": 1684477801,
  "publicCount": 0,
  "param": "account",
  "isHeader": true,
  "subTypeString": "INTEGER_32",
  "domain": "ENUM",
  "subType": {
    "sensitiveAlways": false,
    "name": "INTEGER_32",
    "swaggerSchemaClass": "class io.swagger.v3.oas.models.media.IntegerSchema",
    "superType": "INTEGER"
  },
  "timestamp": 1684477791,
  "uniqueCount": 0
}

200

description

{
  "data": "null"
}

POST request for endpoint /api/fetchWorkflowTests

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

post

/api/fetchWorkflowTests

POST /api/fetchWorkflowTests HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{
  "str": "null",
  "nodes": "null",
  "workflowTestJson": "null",
  "logFetchEndTime": 0,
  "edges": "null",
  "mapNodeIdToWorkflowNodeDetails": "null",
  "apiCollectionId": 0,
  "id": 0,
  "state": "null",
  "testingLogs": "null",
  "logFetchStartTime": 0
}

POST request for endpoint /api/updateTestRoles

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

roleNamestringOptionalExample: MEMBER

Responses

200

description

application/json

post

/api/updateTestRoles

POST /api/updateTestRoles HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 105

{
  "roleName": "MEMBER",
  "orConditions": {
    "predicates": [
      {
        "type": "CONTAINS",
        "value": "api-2"
      }
    ],
    "operator": "OR"
  }
}

200

description

{
  "testRoles": "null",
  "roleName": "MEMBER",
  "andConditions": "null",
  "selectedRole": "null",
  "orConditions": {
    "predicates": [
      {
        "type": "CONTAINS",
        "value": "api-2"
      }
    ],
    "operator": "OR"
  }
}

POST request for endpoint /api/loadSensitiveParameters

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

apiCollectionIdinteger · int32OptionalExample: 1684477780

Responses

200

description

application/json

post

/api/loadSensitiveParameters

POST /api/loadSensitiveParameters HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 30

{
  "apiCollectionId": 1684477780
}

200

description

{
  "data": {
    "endpoints": [
      {
        "isUrlParam": false,
        "method": "POST",
        "maxValue": -9223372036854675000,
        "count": 4,
        "sensitive": true,
        "apiCollectionId": 1684477780,
        "isPrivate": true,
        "url": "/dashboard/testing",
        "responseCode": 200,
        "duration": 0,
        "minValue": 9223372036854675000,
        "lastSeen": 1684477851,
        "publicCount": 0,
        "param": "testingRun#userEmail",
        "subTypeString": "JWT",
        "isHeader": true,
        "domain": "ENUM",
        "subType": {
          "sensitiveAlways": true,
          "name": "JWT",
          "swaggerSchemaClass": "class io.swagger.v3.oas.models.media.EmailSchema",
          "sensitivePosition": [
            "RESPONSE_PAYLOAD"
          ],
          "superType": "CUSTOM"
        },
        "uniqueCount": 0,
        "timestamp": 1684477851
      }
    ]
  }
}

POST request for endpoint /api/fetchAuthMechanismData

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

post

/api/fetchAuthMechanismData

POST /api/fetchAuthMechanismData HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{
  "workflowTestingRun": "null",
  "authParamData": "null",
  "authMechanism": {
    "authParams": [
      {
        "showHeader": true,
        "where": "HEADER",
        "value": "text",
        "key": "access-token"
      }
    ],
    "id": {
      "date": "2023-03-22T12:11:33",
      "timestamp": 1679467293
    },
    "type": "HARDCODED",
    "uuid": "83c47038-0770-4f7c-946c-539b5927a97f"
  },
  "responses": "null",
  "type": "null",
  "workflowTestResult": "null",
  "requestData": "null",
  "uuid": "null",
  "nodeId": "null"
}

POST request for endpoint /api/stopAllTests

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

post

/api/stopAllTests

POST /api/stopAllTests HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{
  "metadata": "null",
  "testingRunResults": "null",
  "testingRunResultSummaries": "null",
  "runIssues": "null",
  "selectedTests": "null",
  "maxConcurrentRequests": 0,
  "recurringDaily": false,
  "workflowTest": "null",
  "authMechanism": "null",
  "testingRunResult": "null",
  "fetchCicd": false,
  "testingRun": "null",
  "testRunTime": 0,
  "testingRunHexId": "null",
  "endTimestamp": 0,
  "startTimestamp": 0,
  "testName": "null"
}

POST request for endpoint /api/fetchCustomAuthTypes

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

post

/api/fetchCustomAuthTypes

POST /api/fetchCustomAuthTypes HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{
  "customAuthType": "null",
  "usersMap": "{}"
}

POST request for endpoint /api/fetchEndpointTrafficData

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

methodstringOptionalExample: POST

endEpochinteger · int32OptionalExample: 1684477910

apiCollectionIdinteger · int32OptionalExample: 1684477780

startEpochinteger · int32OptionalExample: 1679293910

urlstringOptionalExample: /api/fetchQuickStartPageState

Responses

200

description

application/json

post

/api/fetchEndpointTrafficData

POST /api/fetchEndpointTrafficData HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 130

{
  "method": "POST",
  "endEpoch": 1684477910,
  "apiCollectionId": 1684477780,
  "startEpoch": 1679293910,
  "url": "/api/fetchQuickStartPageState"
}

200

description

{
  "sensitiveSampleData": "{}",
  "sampleDataList": "null",
  "traffic": "{}"
}

POST request for endpoint /api/saveAktoDataType

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

sensitiveAlwaysbooleanOptionalExample: false

namestringOptionalExample: EMAIL

sensitivePositionstring[]OptionalExample: RESPONSE_PAYLOAD

Responses

200

description

application/json

post

/api/saveAktoDataType

POST /api/saveAktoDataType HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 81

{
  "sensitiveAlways": false,
  "name": "EMAIL",
  "sensitivePosition": [
    "RESPONSE_PAYLOAD"
  ]
}

200

description

{
  "totalSampleDataCount": 0,
  "dataTypes": "null",
  "currentProcessed": 0,
  "customSubTypeMatches": "null",
  "customDataType": "null",
  "allDataTypes": "null",
  "sensitivePosition": [
    "RESPONSE_PAYLOAD"
  ],
  "aktoDataType": {
    "sensitiveAlways": false,
    "name": "EMAIL",
    "ignoreData": {
      "ignoredKeysInSelectedAPIs": "{}"
    },
    "sensitivePosition": [
      "RESPONSE_PAYLOAD"
    ],
    "timestamp": 1684478117
  }
}

POST request for endpoint /api/fetchTestingRunResultSummaries

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

testingRunHexIdstringOptionalExample: 646477d11cf07b51403bf5b1

endTimestampinteger · int32OptionalExample: 1684477795

startTimestampinteger · int32OptionalExample: 1683901795

Responses

200

description

application/json

post

/api/fetchTestingRunResultSummaries

POST /api/fetchTestingRunResultSummaries HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 100

{
  "testingRunHexId": "646477d11cf07b51403bf5b1",
  "endTimestamp": 1684477795,
  "startTimestamp": 1683901795
}

200

description

{
  "metadata": "null",
  "testingRunResults": "null",
  "testingRunResultSummaries": [
    {
      "metadata": "null",
      "totalApis": 19,
      "testResultsCount": 72,
      "countIssues": {
        "HIGH": 7,
        "MEDIUM": 0,
        "LOW": 0
      },
      "testingRunId": {
        "date": "2023-05-17T12:14:33",
        "timestamp": 1684305873
      },
      "id": {
        "date": "2023-05-17T12:16:08",
        "timestamp": 1684305968
      },
      "testingRunHexId": "null",
      "state": "COMPLETED",
      "endTimestamp": 1684305974,
      "startTimestamp": 1684305968,
      "hexId": "6464783058e3a17b14ddf64e"
    }
  ],
  "runIssues": "null",
  "selectedTests": "null",
  "maxConcurrentRequests": 0,
  "testingRuns": "null",
  "recurringDaily": false,
  "workflowTest": "null",
  "authMechanism": "null",
  "testingRunResult": "null",
  "fetchCicd": false,
  "testingRun": {
    "periodInSeconds": 0,
    "testingRunConfig": "null",
    "testingEndpoints": {
      "apiCollectionId": 1679459648,
      "type": "COLLECTION_WISE"
    },
    "maxConcurrentRequests": -1,
    "testIdConfig": 1684305873,
    "pickedUpTimestamp": 1684305968,
    "scheduleTimestamp": 1684305852,
    "name": "juice_shop_demo_BFLA_RL",
    "userEmail": "[email protected]",
    "testRunTime": -1,
    "id": {
      "date": "2023-05-17T12:14:33",
      "timestamp": 1684305873
    },
    "state": "COMPLETED",
    "endTimestamp": 1684305974,
    "hexId": "646477d11cf07b51403bf5b1"
  },
  "testRunTime": 0,
  "testingRunHexId": "646477d11cf07b51403bf5b1",
  "endTimestamp": 1684477795,
  "startTimestamp": 1683901795,
  "testName": "null"
}

POST request for endpoint /api/fetchSampleData

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

methodstringOptionalExample: POST

apiCollectionIdinteger · int32OptionalExample: 1684477780

urlstringOptionalExample: /api/fetchQuickStartPageState

Responses

200

description

application/json

post

/api/fetchSampleData

POST /api/fetchSampleData HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 84

{
  "method": "POST",
  "apiCollectionId": 1684477780,
  "url": "/api/fetchQuickStartPageState"
}

200

description

{
  "sensitiveSampleData": "{}",
  "sampleDataList": [
    {
      "id": {
        "method": "POST",
        "bucketEndEpoch": 0,
        "bucketStartEpoch": 0,
        "apiCollectionId": 1684477780,
        "url": "/api/fetchQuickStartPageState",
        "responseCode": -1
      },
      "samples": [
        "text"
      ]
    }
  ],
  "traffic": "{}"
}

POST request for endpoint /api/fetchTestingSources

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

Sample description

defaultCreatorbooleanOptionalExample: true

subcategorystringOptionalExample: BFLA

Responses

200

description

application/json

post

/api/fetchTestingSources

POST /api/fetchTestingSources HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 44

{
  "defaultCreator": true,
  "subcategory": "BFLA"
}

200

description

{
  "severity": "null",
  "searchText": "null",
  "defaultCreator": true,
  "description": "null",
  "categories": "null",
  "inbuiltTests": "null",
  "category": "null",
  "subcategory": "BFLA",
  "url": "null",
  "tags": "null"
}

POST request for endpoint /api/fetchActiveLoaders

post

Header parameters

content-typestringOptionalExample: application/json

X-API-KEYstringOptionalExample: YOUR_API_KEY from Settings > Integrations > Akto APIs

Body

objectOptional

Sample description

Responses

200

description

application/json

post

/api/fetchActiveLoaders

POST /api/fetchActiveLoaders HTTP/1.1
Host: 
Content-Type: application/json
Accept: */*
Content-Length: 2

{}

200

description

{
  "loaderList": [
    {
      "percentage": 100,
      "currentCount": 4,
      "show": true,
      "id": {
        "date": "2023-05-19T13:58:42",
        "timestamp": 1684484922
      },
      "type": {
        "_name": "POSTMAN_UPLOAD",
        "subTitle": "Please wait while we upload your file.",
        "name": "Postman",
        "title": "Importing postman collection"
      },
      "totalCount": 4,
      "userId": 1684300087,
      "hexId": "6467333a0c847a110354cd8d"
    }
  ]
}

PreviousSync Usage Data NextDiscovery

Last updated 1 year ago

Was this helpful?