Modify Data

API

Description

POST /api/createCollection

Create a new API collection in Akto.

POST /api/createCustomCollection

Create a custom API collection by grouping selected APIs.

POST /api/addApisToCustomCollection

Add APIs to an existing custom collection.

POST /api/saveCollectionDescription

Save or update the description of a collection.

POST /api/updateEnvType

Update the environment type (e.g., prod, staging) for a collection.

POST /api/toggleCollectionsOutOfTestScope

Mark/unmark collections as out of test scope.

POST /api/deactivateCollections

Deactivate specific collections so they are no longer active.

POST /api/deleteMultipleCollections

Delete multiple collections at once.

POST /api/redactCollection

Redact sensitive data within a collection.

POST /api/saveEndpointDescription

Save or update the description of a specific API endpoint.

POST /api/loadParamsOfEndpoint

Load the parameters (query, path, body) of a given API endpoint.

POST /api/loadSensitiveParameters

Load parameters identified as sensitive for a given endpoint/collection.

POST /api/importDataFromOpenApiSpec

Import APIs and collections from an OpenAPI specification file.

POST /api/uploadHar

Upload a HAR (HTTP Archive) file to create or update API data in Akto.

/api/addApisToCustomCollection

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

collectionNamestringRequiredExample: Medium Risk APIs

Responses

200

description

application/json

post

/api/addApisToCustomCollection

POST /api/addApisToCustomCollection HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 163

{
  "collectionName": "Medium Risk APIs",
  "apiList": [
    {
      "method": "GET",
      "apiCollectionId": 1111111111,
      "url": "https://vulnerable-server.akto.io/api/college/revenue/32483"
    }
  ]
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "apiCount": 0,
  "riskScoreOfCollectionsMap": "{}",
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "deactivatedHostnameCountMap": "{}",
  "criticalEndpointsCount": 0,
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "apiList": [
    {
      "method": "GET",
      "apiCollectionId": 1111111111,
      "url": "https://vulnerable-server.akto.io/api/college/revenue/32483"
    }
  ],
  "severityInfo": "{}",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 0,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "apiCollections": [
    {
      "hostName": "null",
      "urlsCount": 0,
      "runDependencyAnalyser": false,
      "displayName": "Password Reset APIs",
      "redact": false,
      "sseCallbackUrl": "null",
      "description": "null",
      "startTs": 1756885380,
      "mcpCollection": false,
      "type": "API_GROUP",
      "deactivated": false,
      "automated": true,
      "matchDependencyWithOtherCollections": false,
      "envType": "null",
      "vxlanId": 0,
      "tagsList": "null",
      "name": "Password Reset APIs",
      "userSetEnvType": "null",
      "genAICollection": false,
      "id": 111111130,
      "isOutOfTestingScope": false,
      "sampleCollectionsDropped": true,
      "conditions": "null"
    }
  ],
  "mcpDataCount": 0,
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "uningestedApiList": "null",
  "highRiskThirdPartyEndpointsCount": 0
}

/api/saveEndpointDescription

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

methodstringRequiredExample: GET

descriptionstringRequiredExample: ldklewmldk

apiCollectionIdinteger · int32RequiredExample: 1111111111

urlstringRequiredExample: https://vulnerable-server.akto.io/api/college/revenue/32483

Responses

200

description

application/json

post

/api/saveEndpointDescription

POST /api/saveEndpointDescription HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 140

{
  "method": "GET",
  "description": "ldklewmldk",
  "apiCollectionId": 1111111111,
  "url": "https://vulnerable-server.akto.io/api/college/revenue/32483"
}

200

description

{
  "listOfEndpointsInCollection": "null",
  "notTestedEndpointsCount": 0,
  "endpoints": "null",
  "method": "GET",
  "oldCount": 0,
  "newCount": 0,
  "description": "ldklewmldk",
  "skip": 0,
  "severitiesCountPerCollection": "SUCCESS",
  "apiCollectionId": 1111111111,
  "filters": "null",
  "summaryInfoForChanges": "SUCCESS",
  "accessTypes": "SUCCESS",
  "url": "https://vulnerable-server.akto.io/api/college/revenue/32483",
  "deMergedApis": "SUCCESS",
  "urls": "null",
  "filterOperators": "null",
  "sortKey": "null",
  "severityMapForCollection": "{}",
  "response": "{}",
  "sortOrder": 0,
  "limit": 0,
  "onlyOnceTestedEndpointsCount": 0
}

/api/updateEnvType

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

resetEnvTypesbooleanRequiredExample: false

apiCollectionIdsinteger · int32[]RequiredExample: 1756885433

Responses

200

description

application/json

post

/api/updateEnvType

POST /api/updateEnvType HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 113

{
  "resetEnvTypes": false,
  "envType": [
    {
      "keyName": ",",
      "lastUpdatedTs": 0,
      "value": ","
    }
  ],
  "apiCollectionIds": [
    1756885433
  ]
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "apiCount": 0,
  "riskScoreOfCollectionsMap": "{}",
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "criticalEndpointsCount": 0,
  "deactivatedHostnameCountMap": "{}",
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "apiList": "null",
  "severityInfo": "{}",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 0,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "mcpDataCount": 0,
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "uningestedApiList": "null",
  "highRiskThirdPartyEndpointsCount": 0
}

/api/toggleCollectionsOutOfTestScope

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

currentIsOutOfTestingScopeValbooleanRequiredExample: false

apiCollectionIdsinteger · int32[]RequiredExample: 1111111111

Responses

200

description

application/json

post

/api/toggleCollectionsOutOfTestScope

POST /api/toggleCollectionsOutOfTestScope HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 71

{
  "currentIsOutOfTestingScopeVal": false,
  "apiCollectionIds": [
    1111111111
  ]
}

200

description

{
  "success": true
}

/api/uploadHar

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

skipKafkastringRequiredExample: false

harStringstringRequiredExample:

{ "log": { "version": "1.2", "creator": { "name": "ChatGPT HAR Generator", "version": "1.0" }, "entries": [ { "startedDateTime": "2025-05-12T10:00:00.000Z", "time": 120, "request": { "method": "GET", "url": "https://example.com/api/data", "httpVersion": "HTTP/1.1", "headers": [ { "name": "Accept", "value": "application/json" }, { "name": "User-Agent", "value": "HAR-Demo/1.0" } ], "queryString": [], "headersSize": 150, "bodySize": 0 }, "response": { "status": 200, "statusText": "OK", "httpVersion": "HTTP/1.1", "headers": [ { "name": "Content-Type", "value": "application/json" } ], "content": { "size": 74, "mimeType": "application/json", "text": "{\"id\":123,\"name\":\"Test Item\",\"description\":\"Sample data for HAR\"}" }, "redirectURL": "", "headersSize": 160, "bodySize": 74 }, "timings": { "send": 20, "wait": 80, "receive": 20 } } ] } }

hsFilestringRequiredExample:

{ "log": { "version": "1.2", "creator": { "name": "ChatGPT HAR Generator", "version": "1.0" }, "entries": [ { "startedDateTime": "2025-05-12T10:00:00.000Z", "time": 120, "request": { "method": "GET", "url": "https://example.com/api/data", "httpVersion": "HTTP/1.1", "headers": [ { "name": "Accept", "value": "application/json" }, { "name": "User-Agent", "value": "HAR-Demo/1.0" } ], "queryString": [], "headersSize": 150, "bodySize": 0 }, "response": { "status": 200, "statusText": "OK", "httpVersion": "HTTP/1.1", "headers": [ { "name": "Content-Type", "value": "application/json" } ], "content": { "size": 74, "mimeType": "application/json", "text": "{\"id\":123,\"name\":\"Test Item\",\"description\":\"Sample data for HAR\"}" }, "redirectURL": "", "headersSize": 160, "bodySize": 74 }, "timings": { "send": 20, "wait": 80, "receive": 20 } } ] } }

apiCollectionIdinteger · int32RequiredExample: 1756891710

Responses

200

description

application/json

post

/api/uploadHar

POST /api/uploadHar HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 2931

{
  "skipKafka": "false",
  "harString": "{\n  \"log\": {\n    \"version\": \"1.2\",\n    \"creator\": {\n      \"name\": \"ChatGPT HAR Generator\",\n      \"version\": \"1.0\"\n    },\n    \"entries\": [\n      {\n        \"startedDateTime\": \"2025-05-12T10:00:00.000Z\",\n        \"time\": 120,\n        \"request\": {\n          \"method\": \"GET\",\n          \"url\": \"https://example.com/api/data\",\n          \"httpVersion\": \"HTTP/1.1\",\n          \"headers\": [\n            { \"name\": \"Accept\", \"value\": \"application/json\" },\n            { \"name\": \"User-Agent\", \"value\": \"HAR-Demo/1.0\" }\n          ],\n          \"queryString\": [],\n          \"headersSize\": 150,\n          \"bodySize\": 0\n        },\n        \"response\": {\n          \"status\": 200,\n          \"statusText\": \"OK\",\n          \"httpVersion\": \"HTTP/1.1\",\n          \"headers\": [\n            { \"name\": \"Content-Type\", \"value\": \"application/json\" }\n          ],\n          \"content\": {\n            \"size\": 74,\n            \"mimeType\": \"application/json\",\n            \"text\": \"{\\\"id\\\":123,\\\"name\\\":\\\"Test Item\\\",\\\"description\\\":\\\"Sample data for HAR\\\"}\"\n          },\n          \"redirectURL\": \"\",\n          \"headersSize\": 160,\n          \"bodySize\": 74\n        },\n        \"timings\": {\n          \"send\": 20,\n          \"wait\": 80,\n          \"receive\": 20\n        }\n      }\n    ]\n  }\n}\n\n",
  "hsFile": "{\n  \"log\": {\n    \"version\": \"1.2\",\n    \"creator\": {\n      \"name\": \"ChatGPT HAR Generator\",\n      \"version\": \"1.0\"\n    },\n    \"entries\": [\n      {\n        \"startedDateTime\": \"2025-05-12T10:00:00.000Z\",\n        \"time\": 120,\n        \"request\": {\n          \"method\": \"GET\",\n          \"url\": \"https://example.com/api/data\",\n          \"httpVersion\": \"HTTP/1.1\",\n          \"headers\": [\n            { \"name\": \"Accept\", \"value\": \"application/json\" },\n            { \"name\": \"User-Agent\", \"value\": \"HAR-Demo/1.0\" }\n          ],\n          \"queryString\": [],\n          \"headersSize\": 150,\n          \"bodySize\": 0\n        },\n        \"response\": {\n          \"status\": 200,\n          \"statusText\": \"OK\",\n          \"httpVersion\": \"HTTP/1.1\",\n          \"headers\": [\n            { \"name\": \"Content-Type\", \"value\": \"application/json\" }\n          ],\n          \"content\": {\n            \"size\": 74,\n            \"mimeType\": \"application/json\",\n            \"text\": \"{\\\"id\\\":123,\\\"name\\\":\\\"Test Item\\\",\\\"description\\\":\\\"Sample data for HAR\\\"}\"\n          },\n          \"redirectURL\": \"\",\n          \"headersSize\": 160,\n          \"bodySize\": 74\n        },\n        \"timings\": {\n          \"send\": 20,\n          \"wait\": 80,\n          \"receive\": 20\n        }\n      }\n    ]\n  }\n}\n\n",
  "apiCollectionId": 1756891710
}

200

description

{
  "skipKafka": true
}

/api/deleteMultipleCollections

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

Responses

200

description

application/json

post

/api/deleteMultipleCollections

POST /api/deleteMultipleCollections HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 38

{
  "apiCollections": [
    {
      "id": 1756885433
    }
  ]
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "apiCount": 0,
  "riskScoreOfCollectionsMap": "{}",
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "deactivatedHostnameCountMap": "{}",
  "criticalEndpointsCount": 0,
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "apiList": "null",
  "severityInfo": "{}",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 0,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "apiCollections": [
    {
      "hostName": "null",
      "urlsCount": 0,
      "runDependencyAnalyser": false,
      "displayName": "",
      "redact": false,
      "sseCallbackUrl": "null",
      "description": "null",
      "startTs": 0,
      "mcpCollection": false,
      "type": "null",
      "deactivated": false,
      "urls": "null",
      "automated": false,
      "matchDependencyWithOtherCollections": false,
      "envType": "null",
      "vxlanId": 0,
      "tagsList": "null",
      "name": "null",
      "genAICollection": false,
      "userSetEnvType": "null",
      "id": 1756885433,
      "isOutOfTestingScope": false,
      "sampleCollectionsDropped": false,
      "conditions": "null"
    }
  ],
  "mcpDataCount": 0,
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "highRiskThirdPartyEndpointsCount": 0,
  "uningestedApiList": "null"
}

/api/saveCollectionDescription

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

descriptionstringRequiredExample: mlewmdmweldmew

apiCollectionIdinteger · int32RequiredExample: 1111111111

Responses

200

description

application/json

post

/api/saveCollectionDescription

POST /api/saveCollectionDescription HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 61

{
  "description": "mlewmdmweldmew",
  "apiCollectionId": 1111111111
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "riskScoreOfCollectionsMap": "{}",
  "apiCount": 0,
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "deactivatedHostnameCountMap": "{}",
  "criticalEndpointsCount": 0,
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "severityInfo": "{}",
  "apiList": "null",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 1111111111,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "mcpDataCount": 0,
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "uningestedApiList": "null",
  "highRiskThirdPartyEndpointsCount": 0
}

/api/loadSensitiveParameters

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

apiCollectionIdinteger · int32RequiredExample: 1111111111

Responses

200

description

application/json

post

/api/loadSensitiveParameters

POST /api/loadSensitiveParameters HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 30

{
  "apiCollectionId": 1111111111
}

200

description

{
  "data": {
    "endpoints": [
      {
        "sources": {
          "HAR": {
            "timestamp": 1756885376
          }
        },
        "isPrivate": true,
        "responseCode": 200,
        "duration": 0,
        "minValue": 9223372036854675000,
        "param": "email",
        "subTypeString": "EMAIL",
        "id": {
          "date": "2025-09-03T07:42:59",
          "timestamp": 1756885378
        },
        "timestamp": 1756885376,
        "isUrlParam": false,
        "method": "POST",
        "maxValue": -9223372036854675000,
        "isQueryParam": false,
        "strId": "68b7f18270e50e1f92f38fa4",
        "count": 1,
        "apiCollectionId": 1111111111,
        "sensitive": true,
        "url": "https://vulnerable-server.akto.io/api/v2/feePayment",
        "lastSeen": 1756885435,
        "publicCount": 0,
        "isHeader": false,
        "collectionIds": [
          111111201
        ],
        "domain": "ENUM",
        "subType": {
          "sensitiveAlways": true,
          "name": "EMAIL",
          "swaggerSchemaClass": "class io.swagger.v3.oas.models.media.EmailSchema",
          "superType": "STRING"
        },
        "queryParam": false,
        "uniqueCount": 0
      }
    ]
  }
}

/api/loadParamsOfEndpoint

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

methodstringRequiredExample: GET

apiCollectionIdinteger · int32RequiredExample: 1111111111

urlstringRequiredExample: https://vulnerable-server.akto.io/api/college/revenue/32483

Responses

200

description

application/json

post

/api/loadParamsOfEndpoint

POST /api/loadParamsOfEndpoint HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 113

{
  "method": "GET",
  "apiCollectionId": 1111111111,
  "url": "https://vulnerable-server.akto.io/api/college/revenue/32483"
}

200

description

{
  "data": {
    "params": [
      {
        "sources": {
          "HAR": {
            "timestamp": 1756885376
          }
        },
        "values": {
          "elements": [
            "JWT eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
          ]
        },
        "isPrivate": true,
        "responseCode": 200,
        "duration": 0,
        "minValue": 2,
        "param": "authorization",
        "subTypeString": "GENERIC",
        "id": {
          "date": "2025-09-03T07:42:59",
          "timestamp": 1756885378
        },
        "timestamp": 1756885376,
        "isUrlParam": false,
        "method": "GET",
        "strId": "68b7f18270e50e1f92f38d44",
        "isQueryParam": false,
        "maxValue": 2,
        "count": 1,
        "apiCollectionId": 1111111111,
        "sensitive": true,
        "url": "https://vulnerable-server.akto.io/api/college/revenue/32483",
        "lastSeen": 1756885435,
        "publicCount": 0,
        "isHeader": true,
        "collectionIds": [
          1111111111
        ],
        "domain": "ENUM",
        "subType": {
          "sensitiveAlways": true,
          "swaggerSchemaClass": "class io.swagger.v3.oas.models.media.EmailSchema",
          "name": "GENERIC",
          "superType": "STRING"
        },
        "queryParam": false,
        "uniqueCount": 0
      }
    ]
  }
}

/api/createCollection

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

collectionNamestringRequiredExample: kmlkm

Responses

200

description

application/json

post

/api/createCollection

POST /api/createCollection HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 26

{
  "collectionName": "kmlkm"
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "apiCount": 0,
  "riskScoreOfCollectionsMap": "{}",
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "criticalEndpointsCount": 0,
  "deactivatedHostnameCountMap": "{}",
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "apiList": "null",
  "severityInfo": "{}",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 0,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "apiCollections": [
    {
      "hostName": "null",
      "urlsCount": 0,
      "runDependencyAnalyser": false,
      "displayName": "kmlkm",
      "redact": false,
      "sseCallbackUrl": "null",
      "description": "null",
      "startTs": 1756891710,
      "mcpCollection": false,
      "type": "null",
      "deactivated": false,
      "automated": false,
      "matchDependencyWithOtherCollections": false,
      "envType": "null",
      "vxlanId": 0,
      "tagsList": "null",
      "userSetEnvType": "null",
      "name": "kmlkm",
      "genAICollection": false,
      "id": 1756891710,
      "isOutOfTestingScope": false,
      "sampleCollectionsDropped": true,
      "conditions": "null"
    }
  ],
  "mcpDataCount": 0,
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "highRiskThirdPartyEndpointsCount": 0,
  "uningestedApiList": "null"
}

/api/redactCollection

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

redactedbooleanRequiredExample: true

apiCollectionIdinteger · int32RequiredExample: 1111111111

Responses

200

description

application/json

post

/api/redactCollection

POST /api/redactCollection HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 46

{
  "redacted": true,
  "apiCollectionId": 1111111111
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": true,
  "apiCount": 0,
  "riskScoreOfCollectionsMap": "{}",
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "deactivatedHostnameCountMap": "{}",
  "criticalEndpointsCount": 0,
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "apiList": "null",
  "severityInfo": "{}",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 1111111111,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "mcpDataCount": 0,
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "highRiskThirdPartyEndpointsCount": 0,
  "uningestedApiList": "null"
}

/api/importDataFromOpenApiSpec

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

openAPIStringstringRequiredExample:

{ "title": "Akto on akto", "steps": [ { "type": "setViewport", "width": 1290, "height": 326, "deviceScaleFactor": 1, "isMobile": false, "hasTouch": false, "timeout": 40000, "isLandscape": false }, { "type": "navigate", "url": "https://app-akto.us.auth0.com/u/login?state=hKFo2SB3UzduUmpsWnVnSnpjYmptelpkaVYydWV1QmFFTjBGQqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFluNlEtdk9qXzVRQkVtVjFEQV90NUU4VHpuVE1adnFYo2NpZNkgY0tFNFZOVXlvTG41SnVlb25kdFY2RDlmUGJKZ1ZpajM", "assertedEvents": [ { "type": "navigation", "url": "https://app-akto.us.auth0.com/u/login?state=hKFo2SB3UzduUmpsWnVnSnpjYmptelpkaVYydWV1QmFFTjBGQqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFluNlEtdk9qXzVRQkVtVjFEQV90NUU4VHpuVE1adnFYo2NpZNkgY0tFNFZOVXlvTG41SnVlb25kdFY2RDlmUGJKZ1ZpajM", "title": "Log in | Akto saas prod" } ] }, { "type": "keyDown", "target": "main", "timeout": 40000, "key": "Meta" }, { "type": "keyUp", "key": "Meta", "target": "main", "timeout": 40000 }, { "type": "change", "value": "[email protected]", "selectors": [ [ "aria/Email address" ], [ "#username" ], [ "xpath///*[@id=\"username\"]" ], [ "pierce/#username" ] ], "target": "main", "timeout": 40000 }, { "type": "click", "target": "main", "selectors": [ [ "aria/Password" ], [ "#password" ], [ "xpath///*[@id=\"password\"]" ], [ "pierce/#password" ] ], "offsetY": 25, "offsetX": 140 }, { "type": "keyDown", "target": "main", "key": "Meta" }, { "type": "keyUp", "key": "Meta", "target": "main", "timeout": 40000 }, { "type": "change", "value": "Lollot@2", "selectors": [ [ "aria/Password" ], [ "#password" ], [ "xpath///*[@id=\"password\"]" ], [ "pierce/#password" ] ], "target": "main", "timeout": 40000 }, { "type": "click", "target": "main", "timeout": 40000, "selectors": [ [ "aria/Continue" ], [ "div.ca17d988b > button" ], [ "xpath//html/body/div/main/section/div/div/div/form/div[2]/button" ], [ "pierce/div.ca17d988b > button" ] ], "offsetY": 21, "offsetX": 173, "assertedEvents": [ { "type": "navigation", "url": "https://app.akto.io/dashboard/observe/inventory", "title": "" } ] } ] }

apiCollectionIdinteger · int32RequiredExample: 1111111111

Responses

200

description

application/json

post

/api/importDataFromOpenApiSpec

POST /api/importDataFromOpenApiSpec HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 4257

{
  "openAPIString": "{\n    \"title\": \"Akto on akto\",\n    \"steps\": [\n        {\n            \"type\": \"setViewport\",\n            \"width\": 1290,\n            \"height\": 326,\n            \"deviceScaleFactor\": 1,\n            \"isMobile\": false,\n            \"hasTouch\": false,\n            \"timeout\": 40000,\n            \"isLandscape\": false\n        },\n        {\n            \"type\": \"navigate\",\n            \"url\": \"https://app-akto.us.auth0.com/u/login?state=hKFo2SB3UzduUmpsWnVnSnpjYmptelpkaVYydWV1QmFFTjBGQqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFluNlEtdk9qXzVRQkVtVjFEQV90NUU4VHpuVE1adnFYo2NpZNkgY0tFNFZOVXlvTG41SnVlb25kdFY2RDlmUGJKZ1ZpajM\",\n            \"assertedEvents\": [\n                {\n                    \"type\": \"navigation\",\n                    \"url\": \"https://app-akto.us.auth0.com/u/login?state=hKFo2SB3UzduUmpsWnVnSnpjYmptelpkaVYydWV1QmFFTjBGQqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFluNlEtdk9qXzVRQkVtVjFEQV90NUU4VHpuVE1adnFYo2NpZNkgY0tFNFZOVXlvTG41SnVlb25kdFY2RDlmUGJKZ1ZpajM\",\n                    \"title\": \"Log in | Akto saas prod\"\n                }\n            ]\n        },\n        {\n            \"type\": \"keyDown\",\n            \"target\": \"main\",\n            \"timeout\": 40000,\n            \"key\": \"Meta\"\n        },\n        {\n            \"type\": \"keyUp\",\n            \"key\": \"Meta\",\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"change\",\n            \"value\": \"[email protected]\",\n            \"selectors\": [\n                [\n                    \"aria/Email address\"\n                ],\n                [\n                    \"#username\"\n                ],\n                [\n                    \"xpath///*[@id=\\\"username\\\"]\"\n                ],\n                [\n                    \"pierce/#username\"\n                ]\n            ],\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"click\",\n            \"target\": \"main\",\n            \"selectors\": [\n                [\n                    \"aria/Password\"\n                ],\n                [\n                    \"#password\"\n                ],\n                [\n                    \"xpath///*[@id=\\\"password\\\"]\"\n                ],\n                [\n                    \"pierce/#password\"\n                ]\n            ],\n            \"offsetY\": 25,\n            \"offsetX\": 140\n        },\n        {\n            \"type\": \"keyDown\",\n            \"target\": \"main\",\n            \"key\": \"Meta\"\n        },\n        {\n            \"type\": \"keyUp\",\n            \"key\": \"Meta\",\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"change\",\n            \"value\": \"Lollot@2\",\n            \"selectors\": [\n                [\n                    \"aria/Password\"\n                ],\n                [\n                    \"#password\"\n                ],\n                [\n                    \"xpath///*[@id=\\\"password\\\"]\"\n                ],\n                [\n                    \"pierce/#password\"\n                ]\n            ],\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"click\",\n            \"target\": \"main\",\n            \"timeout\": 40000,\n            \"selectors\": [\n                [\n                    \"aria/Continue\"\n                ],\n                [\n                    \"div.ca17d988b > button\"\n                ],\n                [\n                    \"xpath//html/body/div/main/section/div/div/div/form/div[2]/button\"\n                ],\n                [\n                    \"pierce/div.ca17d988b > button\"\n                ]\n            ],\n            \"offsetY\": 21,\n            \"offsetX\": 173,\n            \"assertedEvents\": [\n                {\n                    \"type\": \"navigation\",\n                    \"url\": \"https://app.akto.io/dashboard/observe/inventory\",\n                    \"title\": \"\"\n                }\n            ]\n        }\n    ]\n}\n",
  "apiCollectionId": 1111111111
}

200

description

{
  "openAPIString": "{\n    \"title\": \"Akto on akto\",\n    \"steps\": [\n        {\n            \"type\": \"setViewport\",\n            \"width\": 1290,\n            \"height\": 326,\n            \"deviceScaleFactor\": 1,\n            \"isMobile\": false,\n            \"hasTouch\": false,\n            \"timeout\": 40000,\n            \"isLandscape\": false\n        },\n        {\n            \"type\": \"navigate\",\n            \"url\": \"https://app-akto.us.auth0.com/u/login?state=hKFo2SB3UzduUmpsWnVnSnpjYmptelpkaVYydWV1QmFFTjBGQqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFluNlEtdk9qXzVRQkVtVjFEQV90NUU4VHpuVE1adnFYo2NpZNkgY0tFNFZOVXlvTG41SnVlb25kdFY2RDlmUGJKZ1ZpajM\",\n            \"assertedEvents\": [\n                {\n                    \"type\": \"navigation\",\n                    \"url\": \"https://app-akto.us.auth0.com/u/login?state=hKFo2SB3UzduUmpsWnVnSnpjYmptelpkaVYydWV1QmFFTjBGQqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFluNlEtdk9qXzVRQkVtVjFEQV90NUU4VHpuVE1adnFYo2NpZNkgY0tFNFZOVXlvTG41SnVlb25kdFY2RDlmUGJKZ1ZpajM\",\n                    \"title\": \"Log in | Akto saas prod\"\n                }\n            ]\n        },\n        {\n            \"type\": \"keyDown\",\n            \"target\": \"main\",\n            \"timeout\": 40000,\n            \"key\": \"Meta\"\n        },\n        {\n            \"type\": \"keyUp\",\n            \"key\": \"Meta\",\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"change\",\n            \"value\": \"[email protected]\",\n            \"selectors\": [\n                [\n                    \"aria/Email address\"\n                ],\n                [\n                    \"#username\"\n                ],\n                [\n                    \"xpath///*[@id=\\\"username\\\"]\"\n                ],\n                [\n                    \"pierce/#username\"\n                ]\n            ],\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"click\",\n            \"target\": \"main\",\n            \"selectors\": [\n                [\n                    \"aria/Password\"\n                ],\n                [\n                    \"#password\"\n                ],\n                [\n                    \"xpath///*[@id=\\\"password\\\"]\"\n                ],\n                [\n                    \"pierce/#password\"\n                ]\n            ],\n            \"offsetY\": 25,\n            \"offsetX\": 140\n        },\n        {\n            \"type\": \"keyDown\",\n            \"target\": \"main\",\n            \"key\": \"Meta\"\n        },\n        {\n            \"type\": \"keyUp\",\n            \"key\": \"Meta\",\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"change\",\n            \"value\": \"Lollot@2\",\n            \"selectors\": [\n                [\n                    \"aria/Password\"\n                ],\n                [\n                    \"#password\"\n                ],\n                [\n                    \"xpath///*[@id=\\\"password\\\"]\"\n                ],\n                [\n                    \"pierce/#password\"\n                ]\n            ],\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"click\",\n            \"target\": \"main\",\n            \"timeout\": 40000,\n            \"selectors\": [\n                [\n                    \"aria/Continue\"\n                ],\n                [\n                    \"div.ca17d988b > button\"\n                ],\n                [\n                    \"xpath//html/body/div/main/section/div/div/div/form/div[2]/button\"\n                ],\n                [\n                    \"pierce/div.ca17d988b > button\"\n                ]\n            ],\n            \"offsetY\": 21,\n            \"offsetX\": 173,\n            \"assertedEvents\": [\n                {\n                    \"type\": \"navigation\",\n                    \"url\": \"https://app.akto.io/dashboard/observe/inventory\",\n                    \"title\": \"\"\n                }\n            ]\n        }\n    ]\n}\n",
  "importType": "null",
  "uploadDetails": "null",
  "uploadId": "68b8099fc74c9f211e0b9e5c",
  "lastFetchedMethod": "null",
  "apiInfoKeyList": "null",
  "lastFetchedUrl": "null"
}

/api/createCustomCollection

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

collectionNamestringRequiredExample: k

Responses

200

description

application/json

post

/api/createCustomCollection

POST /api/createCustomCollection HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 176

{
  "conditions": [
    {
      "data": {
        "apiList": [
          {
            "method": "GET",
            "apiCollectionId": 1756891710,
            "url": "https://example.com/api/data"
          }
        ]
      },
      "type": "CUSTOM",
      "operator": "AND"
    }
  ],
  "collectionName": "k"
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "riskScoreOfCollectionsMap": "{}",
  "apiCount": 0,
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "criticalEndpointsCount": 0,
  "deactivatedHostnameCountMap": "{}",
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "severityInfo": "{}",
  "apiList": "null",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 0,
  "timerInfo": "null",
  "response": {
    "data": {
      "endpoints": [
        {
          "startTs": 1756891757,
          "_id": {
            "method": "GET",
            "apiCollectionId": 1756891710,
            "url": "https://example.com/api/data"
          },
          "changesCount": 6
        }
      ],
      "apiInfoList": [
        {
          "responseCodes": [
            200
          ],
          "discoveredTimestamp": 1756891757,
          "sources": {
            "HAR": {
              "timestamp": 1756891757
            }
          },
          "violations": "{}",
          "lastCalculatedTime": 0,
          "lastTested": 0,
          "description": "null",
          "severityScore": 0,
          "lastSeen": 1756891757,
          "actualAuthType": [
            "UNAUTHENTICATED"
          ],
          "allAuthTypesFound": [
            [
              "UNAUTHENTICATED"
            ]
          ],
          "collectionIds": [
            1756891783
          ],
          "isSensitive": false,
          "id": {
            "method": "GET",
            "apiCollectionId": 1756891710,
            "url": "https://example.com/api/data"
          },
          "riskScore": 0,
          "apiType": "REST"
        }
      ]
    },
    "apiCount": 0
  },
  "apiCollections": [
    {
      "hostName": "null",
      "urlsCount": 0,
      "runDependencyAnalyser": false,
      "displayName": "k",
      "redact": false,
      "sseCallbackUrl": "null",
      "description": "null",
      "mcpCollection": false,
      "startTs": 1756891783,
      "type": "API_GROUP",
      "deactivated": false,
      "urls": "null",
      "automated": false,
      "matchDependencyWithOtherCollections": false,
      "vxlanId": 0,
      "envType": "null",
      "tagsList": "null",
      "genAICollection": false,
      "userSetEnvType": "null",
      "name": "k",
      "id": 1756891783,
      "conditions": [
        {
          "apisList": [
            {
              "method": "GET",
              "apiCollectionId": 1756891710,
              "url": "https://example.com/api/data"
            }
          ],
          "type": "CUSTOM",
          "operator": "AND"
        }
      ],
      "sampleCollectionsDropped": false,
      "isOutOfTestingScope": false
    }
  ],
  "mcpDataCount": 0,
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": [
    {
      "data": {
        "apiList": [
          {
            "method": "GET",
            "apiCollectionId": 1756891710,
            "url": "https://example.com/api/data"
          }
        ]
      },
      "type": "CUSTOM",
      "operator": "AND"
    }
  ],
  "uningestedApiList": "null",
  "highRiskThirdPartyEndpointsCount": 0
}

/api/deactivateCollections

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

Responses

200

description

application/json

post

/api/deactivateCollections

POST /api/deactivateCollections HTTP/1.1
Host: 
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 38

{
  "apiCollections": [
    {
      "id": 1111111111
    }
  ]
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "riskScoreOfCollectionsMap": "{}",
  "apiCount": 0,
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "criticalEndpointsCount": 0,
  "deactivatedHostnameCountMap": "{}",
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "apiList": "null",
  "severityInfo": "{}",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 0,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "apiCollections": [
    {
      "hostName": "null",
      "urlsCount": 200,
      "runDependencyAnalyser": false,
      "displayName": "vulnerable_apis",
      "redact": true,
      "sseCallbackUrl": "null",
      "description": "mlewmdmweldmew",
      "startTs": 1756885374,
      "mcpCollection": false,
      "type": "null",
      "deactivated": false,
      "automated": false,
      "matchDependencyWithOtherCollections": false,
      "envType": [
        {
          "keyName": ",",
          "lastUpdatedTs": 0,
          "source": "USER",
          "value": ","
        }
      ],
      "vxlanId": 1111111111,
      "tagsList": [
        {
          "keyName": ",",
          "lastUpdatedTs": 0,
          "source": "USER",
          "value": ","
        }
      ],
      "genAICollection": false,
      "name": "vulnerable_apis",
      "userSetEnvType": "null",
      "id": 1111111111,
      "isOutOfTestingScope": true,
      "conditions": "null",
      "sampleCollectionsDropped": true
    }
  ],
  "mcpDataCount": 0,
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "highRiskThirdPartyEndpointsCount": 0,
  "uningestedApiList": "null"
}

PreviousFetch Data NextSecurity Testing

Last updated 3 months ago

Was this helpful?