Modify Data

API

Description

POST /api/createCollection

Create a new API collection in Akto.

POST /api/createCustomCollection

Create a custom API collection by grouping selected APIs.

POST /api/addApisToCustomCollection

Add APIs to an existing custom collection.

POST /api/saveCollectionDescription

Save or update the description of a collection.

POST /api/updateEnvType

Update the environment type (e.g., prod, staging) for a collection.

POST /api/toggleCollectionsOutOfTestScope

Mark/unmark collections as out of test scope.

POST /api/deactivateCollections

Deactivate specific collections so they are no longer active.

POST /api/deleteMultipleCollections

Delete multiple collections at once.

POST /api/redactCollection

Redact sensitive data within a collection.

POST /api/saveEndpointDescription

Save or update the description of a specific API endpoint.

POST /api/loadParamsOfEndpoint

Load the parameters (query, path, body) of a given API endpoint.

POST /api/loadSensitiveParameters

Load parameters identified as sensitive for a given endpoint/collection.

POST /api/importDataFromOpenApiSpec

Import APIs and collections from an OpenAPI specification file.

POST /api/uploadHar

Upload a HAR (HTTP Archive) file to create or update API data in Akto.

POST /api/importSwaggerLogs

Approve and ingest a Swagger/OpenAPI file upload by pushing approved records to the API inventory via Kafka.

POST /api/importImpervaSchema

Parse an Imperva JSON schema and push the traffic asynchronously to the API inventory via Kafka.

POST /api/importFromUrl

Create an API collection by firing an HTTP request to the given URL and ingesting the response asynchronously.

POST /api/addOrUpdatePostmanCred

Save or update the Postman API key and workspace ID for the current account.

POST /api/createPostmanApi

Build an OpenAPI spec from a collection and export it to the Postman API asynchronously.

POST /api/savePostmanCollection

Fetch a specified Postman collection via the stored API key, convert it, and store it in Akto.

POST /api/ingestPostman

Approve and ingest a Postman file upload by pushing approved records to the API inventory via Kafka.

POST /api/deletePostmanImportLogs

Mark a Postman upload record for deletion so it is excluded from future import log listings.

/api/addApisToCustomCollection

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

collectionNamestringRequiredExample: Medium Risk APIs

Responses

200

description

application/json

post

/api/addApisToCustomCollection

POST /api/addApisToCustomCollection HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 163

{
  "collectionName": "Medium Risk APIs",
  "apiList": [
    {
      "method": "GET",
      "apiCollectionId": 1111111111,
      "url": "https://vulnerable-server.akto.io/api/college/revenue/32483"
    }
  ]
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "apiCount": 0,
  "riskScoreOfCollectionsMap": "{}",
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "deactivatedHostnameCountMap": "{}",
  "criticalEndpointsCount": 0,
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "apiList": [
    {
      "method": "GET",
      "apiCollectionId": 1111111111,
      "url": "https://vulnerable-server.akto.io/api/college/revenue/32483"
    }
  ],
  "severityInfo": "{}",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 0,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "apiCollections": [
    {
      "hostName": "null",
      "urlsCount": 0,
      "runDependencyAnalyser": false,
      "displayName": "Password Reset APIs",
      "redact": false,
      "sseCallbackUrl": "null",
      "description": "null",
      "startTs": 1756885380,
      "mcpCollection": false,
      "type": "API_GROUP",
      "deactivated": false,
      "automated": true,
      "matchDependencyWithOtherCollections": false,
      "envType": "null",
      "vxlanId": 0,
      "tagsList": "null",
      "name": "Password Reset APIs",
      "userSetEnvType": "null",
      "genAICollection": false,
      "id": 111111130,
      "isOutOfTestingScope": false,
      "sampleCollectionsDropped": true,
      "conditions": "null"
    }
  ],
  "mcpDataCount": 0,
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "uningestedApiList": "null",
  "highRiskThirdPartyEndpointsCount": 0
}

/api/saveEndpointDescription

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

methodstringRequiredExample: GET

descriptionstringRequiredExample: ldklewmldk

apiCollectionIdinteger · int32RequiredExample: 1111111111

urlstringRequiredExample: https://vulnerable-server.akto.io/api/college/revenue/32483

Responses

200

description

application/json

post

/api/saveEndpointDescription

POST /api/saveEndpointDescription HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 140

{
  "method": "GET",
  "description": "ldklewmldk",
  "apiCollectionId": 1111111111,
  "url": "https://vulnerable-server.akto.io/api/college/revenue/32483"
}

200

description

{
  "listOfEndpointsInCollection": "null",
  "notTestedEndpointsCount": 0,
  "endpoints": "null",
  "method": "GET",
  "oldCount": 0,
  "newCount": 0,
  "description": "ldklewmldk",
  "skip": 0,
  "severitiesCountPerCollection": "SUCCESS",
  "apiCollectionId": 1111111111,
  "filters": "null",
  "summaryInfoForChanges": "SUCCESS",
  "accessTypes": "SUCCESS",
  "url": "https://vulnerable-server.akto.io/api/college/revenue/32483",
  "deMergedApis": "SUCCESS",
  "urls": "null",
  "filterOperators": "null",
  "sortKey": "null",
  "severityMapForCollection": "{}",
  "response": "{}",
  "sortOrder": 0,
  "limit": 0,
  "onlyOnceTestedEndpointsCount": 0
}

/api/updateEnvType

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

resetEnvTypesbooleanRequiredExample: false

apiCollectionIdsinteger · int32[]RequiredExample: 1756885433

Responses

200

description

application/json

post

/api/updateEnvType

POST /api/updateEnvType HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 113

{
  "resetEnvTypes": false,
  "envType": [
    {
      "keyName": ",",
      "lastUpdatedTs": 0,
      "value": ","
    }
  ],
  "apiCollectionIds": [
    1756885433
  ]
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "apiCount": 0,
  "riskScoreOfCollectionsMap": "{}",
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "criticalEndpointsCount": 0,
  "deactivatedHostnameCountMap": "{}",
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "apiList": "null",
  "severityInfo": "{}",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 0,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "mcpDataCount": 0,
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "uningestedApiList": "null",
  "highRiskThirdPartyEndpointsCount": 0
}

/api/toggleCollectionsOutOfTestScope

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

currentIsOutOfTestingScopeValbooleanRequiredExample: false

apiCollectionIdsinteger · int32[]RequiredExample: 1111111111

Responses

200

description

application/json

post

/api/toggleCollectionsOutOfTestScope

POST /api/toggleCollectionsOutOfTestScope HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 71

{
  "currentIsOutOfTestingScopeVal": false,
  "apiCollectionIds": [
    1111111111
  ]
}

200

description

{
  "success": true
}

/api/uploadHar

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

skipKafkastringRequiredExample: false

harStringstringRequiredExample:

{ "log": { "version": "1.2", "creator": { "name": "ChatGPT HAR Generator", "version": "1.0" }, "entries": [ { "startedDateTime": "2025-05-12T10:00:00.000Z", "time": 120, "request": { "method": "GET", "url": "https://example.com/api/data", "httpVersion": "HTTP/1.1", "headers": [ { "name": "Accept", "value": "application/json" }, { "name": "User-Agent", "value": "HAR-Demo/1.0" } ], "queryString": [], "headersSize": 150, "bodySize": 0 }, "response": { "status": 200, "statusText": "OK", "httpVersion": "HTTP/1.1", "headers": [ { "name": "Content-Type", "value": "application/json" } ], "content": { "size": 74, "mimeType": "application/json", "text": "{\"id\":123,\"name\":\"Test Item\",\"description\":\"Sample data for HAR\"}" }, "redirectURL": "", "headersSize": 160, "bodySize": 74 }, "timings": { "send": 20, "wait": 80, "receive": 20 } } ] } }

hsFilestringRequiredExample:

{ "log": { "version": "1.2", "creator": { "name": "ChatGPT HAR Generator", "version": "1.0" }, "entries": [ { "startedDateTime": "2025-05-12T10:00:00.000Z", "time": 120, "request": { "method": "GET", "url": "https://example.com/api/data", "httpVersion": "HTTP/1.1", "headers": [ { "name": "Accept", "value": "application/json" }, { "name": "User-Agent", "value": "HAR-Demo/1.0" } ], "queryString": [], "headersSize": 150, "bodySize": 0 }, "response": { "status": 200, "statusText": "OK", "httpVersion": "HTTP/1.1", "headers": [ { "name": "Content-Type", "value": "application/json" } ], "content": { "size": 74, "mimeType": "application/json", "text": "{\"id\":123,\"name\":\"Test Item\",\"description\":\"Sample data for HAR\"}" }, "redirectURL": "", "headersSize": 160, "bodySize": 74 }, "timings": { "send": 20, "wait": 80, "receive": 20 } } ] } }

apiCollectionIdinteger · int32RequiredExample: 1756891710

Responses

200

description

application/json

post

/api/uploadHar

POST /api/uploadHar HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 2931

{
  "skipKafka": "false",
  "harString": "{\n  \"log\": {\n    \"version\": \"1.2\",\n    \"creator\": {\n      \"name\": \"ChatGPT HAR Generator\",\n      \"version\": \"1.0\"\n    },\n    \"entries\": [\n      {\n        \"startedDateTime\": \"2025-05-12T10:00:00.000Z\",\n        \"time\": 120,\n        \"request\": {\n          \"method\": \"GET\",\n          \"url\": \"https://example.com/api/data\",\n          \"httpVersion\": \"HTTP/1.1\",\n          \"headers\": [\n            { \"name\": \"Accept\", \"value\": \"application/json\" },\n            { \"name\": \"User-Agent\", \"value\": \"HAR-Demo/1.0\" }\n          ],\n          \"queryString\": [],\n          \"headersSize\": 150,\n          \"bodySize\": 0\n        },\n        \"response\": {\n          \"status\": 200,\n          \"statusText\": \"OK\",\n          \"httpVersion\": \"HTTP/1.1\",\n          \"headers\": [\n            { \"name\": \"Content-Type\", \"value\": \"application/json\" }\n          ],\n          \"content\": {\n            \"size\": 74,\n            \"mimeType\": \"application/json\",\n            \"text\": \"{\\\"id\\\":123,\\\"name\\\":\\\"Test Item\\\",\\\"description\\\":\\\"Sample data for HAR\\\"}\"\n          },\n          \"redirectURL\": \"\",\n          \"headersSize\": 160,\n          \"bodySize\": 74\n        },\n        \"timings\": {\n          \"send\": 20,\n          \"wait\": 80,\n          \"receive\": 20\n        }\n      }\n    ]\n  }\n}\n\n",
  "hsFile": "{\n  \"log\": {\n    \"version\": \"1.2\",\n    \"creator\": {\n      \"name\": \"ChatGPT HAR Generator\",\n      \"version\": \"1.0\"\n    },\n    \"entries\": [\n      {\n        \"startedDateTime\": \"2025-05-12T10:00:00.000Z\",\n        \"time\": 120,\n        \"request\": {\n          \"method\": \"GET\",\n          \"url\": \"https://example.com/api/data\",\n          \"httpVersion\": \"HTTP/1.1\",\n          \"headers\": [\n            { \"name\": \"Accept\", \"value\": \"application/json\" },\n            { \"name\": \"User-Agent\", \"value\": \"HAR-Demo/1.0\" }\n          ],\n          \"queryString\": [],\n          \"headersSize\": 150,\n          \"bodySize\": 0\n        },\n        \"response\": {\n          \"status\": 200,\n          \"statusText\": \"OK\",\n          \"httpVersion\": \"HTTP/1.1\",\n          \"headers\": [\n            { \"name\": \"Content-Type\", \"value\": \"application/json\" }\n          ],\n          \"content\": {\n            \"size\": 74,\n            \"mimeType\": \"application/json\",\n            \"text\": \"{\\\"id\\\":123,\\\"name\\\":\\\"Test Item\\\",\\\"description\\\":\\\"Sample data for HAR\\\"}\"\n          },\n          \"redirectURL\": \"\",\n          \"headersSize\": 160,\n          \"bodySize\": 74\n        },\n        \"timings\": {\n          \"send\": 20,\n          \"wait\": 80,\n          \"receive\": 20\n        }\n      }\n    ]\n  }\n}\n\n",
  "apiCollectionId": 1756891710
}

200

description

{
  "skipKafka": true
}

/api/deleteMultipleCollections

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

Responses

200

description

application/json

post

/api/deleteMultipleCollections

POST /api/deleteMultipleCollections HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 38

{
  "apiCollections": [
    {
      "id": 1756885433
    }
  ]
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "apiCount": 0,
  "riskScoreOfCollectionsMap": "{}",
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "deactivatedHostnameCountMap": "{}",
  "criticalEndpointsCount": 0,
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "apiList": "null",
  "severityInfo": "{}",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 0,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "apiCollections": [
    {
      "hostName": "null",
      "urlsCount": 0,
      "runDependencyAnalyser": false,
      "displayName": "",
      "redact": false,
      "sseCallbackUrl": "null",
      "description": "null",
      "startTs": 0,
      "mcpCollection": false,
      "type": "null",
      "deactivated": false,
      "urls": "null",
      "automated": false,
      "matchDependencyWithOtherCollections": false,
      "envType": "null",
      "vxlanId": 0,
      "tagsList": "null",
      "name": "null",
      "genAICollection": false,
      "userSetEnvType": "null",
      "id": 1756885433,
      "isOutOfTestingScope": false,
      "sampleCollectionsDropped": false,
      "conditions": "null"
    }
  ],
  "mcpDataCount": 0,
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "highRiskThirdPartyEndpointsCount": 0,
  "uningestedApiList": "null"
}

/api/saveCollectionDescription

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

descriptionstringRequiredExample: mlewmdmweldmew

apiCollectionIdinteger · int32RequiredExample: 1111111111

Responses

200

description

application/json

post

/api/saveCollectionDescription

POST /api/saveCollectionDescription HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 61

{
  "description": "mlewmdmweldmew",
  "apiCollectionId": 1111111111
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "riskScoreOfCollectionsMap": "{}",
  "apiCount": 0,
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "deactivatedHostnameCountMap": "{}",
  "criticalEndpointsCount": 0,
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "severityInfo": "{}",
  "apiList": "null",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 1111111111,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "mcpDataCount": 0,
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "uningestedApiList": "null",
  "highRiskThirdPartyEndpointsCount": 0
}

/api/loadSensitiveParameters

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

apiCollectionIdinteger · int32RequiredExample: 1111111111

Responses

200

description

application/json

post

/api/loadSensitiveParameters

POST /api/loadSensitiveParameters HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 30

{
  "apiCollectionId": 1111111111
}

200

description

{
  "data": {
    "endpoints": [
      {
        "sources": {
          "HAR": {
            "timestamp": 1756885376
          }
        },
        "isPrivate": true,
        "responseCode": 200,
        "duration": 0,
        "minValue": 9223372036854675000,
        "param": "email",
        "subTypeString": "EMAIL",
        "id": {
          "date": "2025-09-03T07:42:59",
          "timestamp": 1756885378
        },
        "timestamp": 1756885376,
        "isUrlParam": false,
        "method": "POST",
        "maxValue": -9223372036854675000,
        "isQueryParam": false,
        "strId": "68b7f18270e50e1f92f38fa4",
        "count": 1,
        "apiCollectionId": 1111111111,
        "sensitive": true,
        "url": "https://vulnerable-server.akto.io/api/v2/feePayment",
        "lastSeen": 1756885435,
        "publicCount": 0,
        "isHeader": false,
        "collectionIds": [
          111111201
        ],
        "domain": "ENUM",
        "subType": {
          "sensitiveAlways": true,
          "name": "EMAIL",
          "swaggerSchemaClass": "class io.swagger.v3.oas.models.media.EmailSchema",
          "superType": "STRING"
        },
        "queryParam": false,
        "uniqueCount": 0
      }
    ]
  }
}

/api/loadParamsOfEndpoint

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

methodstringRequiredExample: GET

apiCollectionIdinteger · int32RequiredExample: 1111111111

urlstringRequiredExample: https://vulnerable-server.akto.io/api/college/revenue/32483

Responses

200

description

application/json

post

/api/loadParamsOfEndpoint

POST /api/loadParamsOfEndpoint HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 113

{
  "method": "GET",
  "apiCollectionId": 1111111111,
  "url": "https://vulnerable-server.akto.io/api/college/revenue/32483"
}

200

description

{
  "data": {
    "params": [
      {
        "sources": {
          "HAR": {
            "timestamp": 1756885376
          }
        },
        "values": {
          "elements": [
            "JWT eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
          ]
        },
        "isPrivate": true,
        "responseCode": 200,
        "duration": 0,
        "minValue": 2,
        "param": "authorization",
        "subTypeString": "GENERIC",
        "id": {
          "date": "2025-09-03T07:42:59",
          "timestamp": 1756885378
        },
        "timestamp": 1756885376,
        "isUrlParam": false,
        "method": "GET",
        "strId": "68b7f18270e50e1f92f38d44",
        "isQueryParam": false,
        "maxValue": 2,
        "count": 1,
        "apiCollectionId": 1111111111,
        "sensitive": true,
        "url": "https://vulnerable-server.akto.io/api/college/revenue/32483",
        "lastSeen": 1756885435,
        "publicCount": 0,
        "isHeader": true,
        "collectionIds": [
          1111111111
        ],
        "domain": "ENUM",
        "subType": {
          "sensitiveAlways": true,
          "swaggerSchemaClass": "class io.swagger.v3.oas.models.media.EmailSchema",
          "name": "GENERIC",
          "superType": "STRING"
        },
        "queryParam": false,
        "uniqueCount": 0
      }
    ]
  }
}

/api/createCollection

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

collectionNamestringRequiredExample: kmlkm

Responses

200

description

application/json

post

/api/createCollection

POST /api/createCollection HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 26

{
  "collectionName": "kmlkm"
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "apiCount": 0,
  "riskScoreOfCollectionsMap": "{}",
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "criticalEndpointsCount": 0,
  "deactivatedHostnameCountMap": "{}",
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "apiList": "null",
  "severityInfo": "{}",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 0,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "apiCollections": [
    {
      "hostName": "null",
      "urlsCount": 0,
      "runDependencyAnalyser": false,
      "displayName": "kmlkm",
      "redact": false,
      "sseCallbackUrl": "null",
      "description": "null",
      "startTs": 1756891710,
      "mcpCollection": false,
      "type": "null",
      "deactivated": false,
      "automated": false,
      "matchDependencyWithOtherCollections": false,
      "envType": "null",
      "vxlanId": 0,
      "tagsList": "null",
      "userSetEnvType": "null",
      "name": "kmlkm",
      "genAICollection": false,
      "id": 1756891710,
      "isOutOfTestingScope": false,
      "sampleCollectionsDropped": true,
      "conditions": "null"
    }
  ],
  "mcpDataCount": 0,
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "highRiskThirdPartyEndpointsCount": 0,
  "uningestedApiList": "null"
}

/api/redactCollection

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

redactedbooleanRequiredExample: true

apiCollectionIdinteger · int32RequiredExample: 1111111111

Responses

200

description

application/json

post

/api/redactCollection

POST /api/redactCollection HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 46

{
  "redacted": true,
  "apiCollectionId": 1111111111
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": true,
  "apiCount": 0,
  "riskScoreOfCollectionsMap": "{}",
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "deactivatedHostnameCountMap": "{}",
  "criticalEndpointsCount": 0,
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "apiList": "null",
  "severityInfo": "{}",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 1111111111,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "mcpDataCount": 0,
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "highRiskThirdPartyEndpointsCount": 0,
  "uningestedApiList": "null"
}

/api/importDataFromOpenApiSpec

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

openAPIStringstringRequiredExample:

{ "title": "Akto on akto", "steps": [ { "type": "setViewport", "width": 1290, "height": 326, "deviceScaleFactor": 1, "isMobile": false, "hasTouch": false, "timeout": 40000, "isLandscape": false }, { "type": "navigate", "url": "https://app-akto.us.auth0.com/u/login?state=hKFo2SB3UzduUmpsWnVnSnpjYmptelpkaVYydWV1QmFFTjBGQqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFluNlEtdk9qXzVRQkVtVjFEQV90NUU4VHpuVE1adnFYo2NpZNkgY0tFNFZOVXlvTG41SnVlb25kdFY2RDlmUGJKZ1ZpajM", "assertedEvents": [ { "type": "navigation", "url": "https://app-akto.us.auth0.com/u/login?state=hKFo2SB3UzduUmpsWnVnSnpjYmptelpkaVYydWV1QmFFTjBGQqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFluNlEtdk9qXzVRQkVtVjFEQV90NUU4VHpuVE1adnFYo2NpZNkgY0tFNFZOVXlvTG41SnVlb25kdFY2RDlmUGJKZ1ZpajM", "title": "Log in | Akto saas prod" } ] }, { "type": "keyDown", "target": "main", "timeout": 40000, "key": "Meta" }, { "type": "keyUp", "key": "Meta", "target": "main", "timeout": 40000 }, { "type": "change", "value": "bovepe1640@cavoyar.com", "selectors": [ [ "aria/Email address" ], [ "#username" ], [ "xpath///*[@id=\"username\"]" ], [ "pierce/#username" ] ], "target": "main", "timeout": 40000 }, { "type": "click", "target": "main", "selectors": [ [ "aria/Password" ], [ "#password" ], [ "xpath///*[@id=\"password\"]" ], [ "pierce/#password" ] ], "offsetY": 25, "offsetX": 140 }, { "type": "keyDown", "target": "main", "key": "Meta" }, { "type": "keyUp", "key": "Meta", "target": "main", "timeout": 40000 }, { "type": "change", "value": "Lollot@2", "selectors": [ [ "aria/Password" ], [ "#password" ], [ "xpath///*[@id=\"password\"]" ], [ "pierce/#password" ] ], "target": "main", "timeout": 40000 }, { "type": "click", "target": "main", "timeout": 40000, "selectors": [ [ "aria/Continue" ], [ "div.ca17d988b > button" ], [ "xpath//html/body/div/main/section/div/div/div/form/div[2]/button" ], [ "pierce/div.ca17d988b > button" ] ], "offsetY": 21, "offsetX": 173, "assertedEvents": [ { "type": "navigation", "url": "https://app.akto.io/dashboard/observe/inventory", "title": "" } ] } ] }

apiCollectionIdinteger · int32RequiredExample: 1111111111

Responses

200

description

application/json

post

/api/importDataFromOpenApiSpec

POST /api/importDataFromOpenApiSpec HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 4257

{
  "openAPIString": "{\n    \"title\": \"Akto on akto\",\n    \"steps\": [\n        {\n            \"type\": \"setViewport\",\n            \"width\": 1290,\n            \"height\": 326,\n            \"deviceScaleFactor\": 1,\n            \"isMobile\": false,\n            \"hasTouch\": false,\n            \"timeout\": 40000,\n            \"isLandscape\": false\n        },\n        {\n            \"type\": \"navigate\",\n            \"url\": \"https://app-akto.us.auth0.com/u/login?state=hKFo2SB3UzduUmpsWnVnSnpjYmptelpkaVYydWV1QmFFTjBGQqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFluNlEtdk9qXzVRQkVtVjFEQV90NUU4VHpuVE1adnFYo2NpZNkgY0tFNFZOVXlvTG41SnVlb25kdFY2RDlmUGJKZ1ZpajM\",\n            \"assertedEvents\": [\n                {\n                    \"type\": \"navigation\",\n                    \"url\": \"https://app-akto.us.auth0.com/u/login?state=hKFo2SB3UzduUmpsWnVnSnpjYmptelpkaVYydWV1QmFFTjBGQqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFluNlEtdk9qXzVRQkVtVjFEQV90NUU4VHpuVE1adnFYo2NpZNkgY0tFNFZOVXlvTG41SnVlb25kdFY2RDlmUGJKZ1ZpajM\",\n                    \"title\": \"Log in | Akto saas prod\"\n                }\n            ]\n        },\n        {\n            \"type\": \"keyDown\",\n            \"target\": \"main\",\n            \"timeout\": 40000,\n            \"key\": \"Meta\"\n        },\n        {\n            \"type\": \"keyUp\",\n            \"key\": \"Meta\",\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"change\",\n            \"value\": \"bovepe1640@cavoyar.com\",\n            \"selectors\": [\n                [\n                    \"aria/Email address\"\n                ],\n                [\n                    \"#username\"\n                ],\n                [\n                    \"xpath///*[@id=\\\"username\\\"]\"\n                ],\n                [\n                    \"pierce/#username\"\n                ]\n            ],\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"click\",\n            \"target\": \"main\",\n            \"selectors\": [\n                [\n                    \"aria/Password\"\n                ],\n                [\n                    \"#password\"\n                ],\n                [\n                    \"xpath///*[@id=\\\"password\\\"]\"\n                ],\n                [\n                    \"pierce/#password\"\n                ]\n            ],\n            \"offsetY\": 25,\n            \"offsetX\": 140\n        },\n        {\n            \"type\": \"keyDown\",\n            \"target\": \"main\",\n            \"key\": \"Meta\"\n        },\n        {\n            \"type\": \"keyUp\",\n            \"key\": \"Meta\",\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"change\",\n            \"value\": \"Lollot@2\",\n            \"selectors\": [\n                [\n                    \"aria/Password\"\n                ],\n                [\n                    \"#password\"\n                ],\n                [\n                    \"xpath///*[@id=\\\"password\\\"]\"\n                ],\n                [\n                    \"pierce/#password\"\n                ]\n            ],\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"click\",\n            \"target\": \"main\",\n            \"timeout\": 40000,\n            \"selectors\": [\n                [\n                    \"aria/Continue\"\n                ],\n                [\n                    \"div.ca17d988b > button\"\n                ],\n                [\n                    \"xpath//html/body/div/main/section/div/div/div/form/div[2]/button\"\n                ],\n                [\n                    \"pierce/div.ca17d988b > button\"\n                ]\n            ],\n            \"offsetY\": 21,\n            \"offsetX\": 173,\n            \"assertedEvents\": [\n                {\n                    \"type\": \"navigation\",\n                    \"url\": \"https://app.akto.io/dashboard/observe/inventory\",\n                    \"title\": \"\"\n                }\n            ]\n        }\n    ]\n}\n",
  "apiCollectionId": 1111111111
}

200

description

{
  "openAPIString": "{\n    \"title\": \"Akto on akto\",\n    \"steps\": [\n        {\n            \"type\": \"setViewport\",\n            \"width\": 1290,\n            \"height\": 326,\n            \"deviceScaleFactor\": 1,\n            \"isMobile\": false,\n            \"hasTouch\": false,\n            \"timeout\": 40000,\n            \"isLandscape\": false\n        },\n        {\n            \"type\": \"navigate\",\n            \"url\": \"https://app-akto.us.auth0.com/u/login?state=hKFo2SB3UzduUmpsWnVnSnpjYmptelpkaVYydWV1QmFFTjBGQqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFluNlEtdk9qXzVRQkVtVjFEQV90NUU4VHpuVE1adnFYo2NpZNkgY0tFNFZOVXlvTG41SnVlb25kdFY2RDlmUGJKZ1ZpajM\",\n            \"assertedEvents\": [\n                {\n                    \"type\": \"navigation\",\n                    \"url\": \"https://app-akto.us.auth0.com/u/login?state=hKFo2SB3UzduUmpsWnVnSnpjYmptelpkaVYydWV1QmFFTjBGQqFur3VuaXZlcnNhbC1sb2dpbqN0aWTZIFluNlEtdk9qXzVRQkVtVjFEQV90NUU4VHpuVE1adnFYo2NpZNkgY0tFNFZOVXlvTG41SnVlb25kdFY2RDlmUGJKZ1ZpajM\",\n                    \"title\": \"Log in | Akto saas prod\"\n                }\n            ]\n        },\n        {\n            \"type\": \"keyDown\",\n            \"target\": \"main\",\n            \"timeout\": 40000,\n            \"key\": \"Meta\"\n        },\n        {\n            \"type\": \"keyUp\",\n            \"key\": \"Meta\",\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"change\",\n            \"value\": \"bovepe1640@cavoyar.com\",\n            \"selectors\": [\n                [\n                    \"aria/Email address\"\n                ],\n                [\n                    \"#username\"\n                ],\n                [\n                    \"xpath///*[@id=\\\"username\\\"]\"\n                ],\n                [\n                    \"pierce/#username\"\n                ]\n            ],\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"click\",\n            \"target\": \"main\",\n            \"selectors\": [\n                [\n                    \"aria/Password\"\n                ],\n                [\n                    \"#password\"\n                ],\n                [\n                    \"xpath///*[@id=\\\"password\\\"]\"\n                ],\n                [\n                    \"pierce/#password\"\n                ]\n            ],\n            \"offsetY\": 25,\n            \"offsetX\": 140\n        },\n        {\n            \"type\": \"keyDown\",\n            \"target\": \"main\",\n            \"key\": \"Meta\"\n        },\n        {\n            \"type\": \"keyUp\",\n            \"key\": \"Meta\",\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"change\",\n            \"value\": \"Lollot@2\",\n            \"selectors\": [\n                [\n                    \"aria/Password\"\n                ],\n                [\n                    \"#password\"\n                ],\n                [\n                    \"xpath///*[@id=\\\"password\\\"]\"\n                ],\n                [\n                    \"pierce/#password\"\n                ]\n            ],\n            \"target\": \"main\",\n            \"timeout\": 40000\n        },\n        {\n            \"type\": \"click\",\n            \"target\": \"main\",\n            \"timeout\": 40000,\n            \"selectors\": [\n                [\n                    \"aria/Continue\"\n                ],\n                [\n                    \"div.ca17d988b > button\"\n                ],\n                [\n                    \"xpath//html/body/div/main/section/div/div/div/form/div[2]/button\"\n                ],\n                [\n                    \"pierce/div.ca17d988b > button\"\n                ]\n            ],\n            \"offsetY\": 21,\n            \"offsetX\": 173,\n            \"assertedEvents\": [\n                {\n                    \"type\": \"navigation\",\n                    \"url\": \"https://app.akto.io/dashboard/observe/inventory\",\n                    \"title\": \"\"\n                }\n            ]\n        }\n    ]\n}\n",
  "importType": "null",
  "uploadDetails": "null",
  "uploadId": "68b8099fc74c9f211e0b9e5c",
  "lastFetchedMethod": "null",
  "apiInfoKeyList": "null",
  "lastFetchedUrl": "null"
}

/api/createCustomCollection

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

collectionNamestringRequiredExample: k

Responses

200

description

application/json

post

/api/createCustomCollection

POST /api/createCustomCollection HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 176

{
  "conditions": [
    {
      "data": {
        "apiList": [
          {
            "method": "GET",
            "apiCollectionId": 1756891710,
            "url": "https://example.com/api/data"
          }
        ]
      },
      "type": "CUSTOM",
      "operator": "AND"
    }
  ],
  "collectionName": "k"
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "riskScoreOfCollectionsMap": "{}",
  "apiCount": 0,
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "criticalEndpointsCount": 0,
  "deactivatedHostnameCountMap": "{}",
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "severityInfo": "{}",
  "apiList": "null",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 0,
  "timerInfo": "null",
  "response": {
    "data": {
      "endpoints": [
        {
          "startTs": 1756891757,
          "_id": {
            "method": "GET",
            "apiCollectionId": 1756891710,
            "url": "https://example.com/api/data"
          },
          "changesCount": 6
        }
      ],
      "apiInfoList": [
        {
          "responseCodes": [
            200
          ],
          "discoveredTimestamp": 1756891757,
          "sources": {
            "HAR": {
              "timestamp": 1756891757
            }
          },
          "violations": "{}",
          "lastCalculatedTime": 0,
          "lastTested": 0,
          "description": "null",
          "severityScore": 0,
          "lastSeen": 1756891757,
          "actualAuthType": [
            "UNAUTHENTICATED"
          ],
          "allAuthTypesFound": [
            [
              "UNAUTHENTICATED"
            ]
          ],
          "collectionIds": [
            1756891783
          ],
          "isSensitive": false,
          "id": {
            "method": "GET",
            "apiCollectionId": 1756891710,
            "url": "https://example.com/api/data"
          },
          "riskScore": 0,
          "apiType": "REST"
        }
      ]
    },
    "apiCount": 0
  },
  "apiCollections": [
    {
      "hostName": "null",
      "urlsCount": 0,
      "runDependencyAnalyser": false,
      "displayName": "k",
      "redact": false,
      "sseCallbackUrl": "null",
      "description": "null",
      "mcpCollection": false,
      "startTs": 1756891783,
      "type": "API_GROUP",
      "deactivated": false,
      "urls": "null",
      "automated": false,
      "matchDependencyWithOtherCollections": false,
      "vxlanId": 0,
      "envType": "null",
      "tagsList": "null",
      "genAICollection": false,
      "userSetEnvType": "null",
      "name": "k",
      "id": 1756891783,
      "conditions": [
        {
          "apisList": [
            {
              "method": "GET",
              "apiCollectionId": 1756891710,
              "url": "https://example.com/api/data"
            }
          ],
          "type": "CUSTOM",
          "operator": "AND"
        }
      ],
      "sampleCollectionsDropped": false,
      "isOutOfTestingScope": false
    }
  ],
  "mcpDataCount": 0,
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": [
    {
      "data": {
        "apiList": [
          {
            "method": "GET",
            "apiCollectionId": 1756891710,
            "url": "https://example.com/api/data"
          }
        ]
      },
      "type": "CUSTOM",
      "operator": "AND"
    }
  ],
  "uningestedApiList": "null",
  "highRiskThirdPartyEndpointsCount": 0
}

/api/deactivateCollections

post

Header parameters

x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY

Body

Responses

200

description

application/json

post

/api/deactivateCollections

POST /api/deactivateCollections HTTP/1.1
x-api-key: API_KEY
Content-Type: application/json
Accept: */*
Content-Length: 38

{
  "apiCollections": [
    {
      "id": 1111111111
    }
  ]
}

200

description

{
  "sensitiveUrlsInResponse": 0,
  "shadowApisCount": 0,
  "redacted": false,
  "riskScoreOfCollectionsMap": "{}",
  "apiCount": 0,
  "lastTrafficSeenMap": "{}",
  "uningestedApiCountMap": "{}",
  "endpointsFromConditions": "SUCCESS",
  "sensitiveUnauthenticatedEndpointsCount": 0,
  "endpointsListFromConditions": "SUCCESS",
  "apiStatsStart": "null",
  "criticalEndpointsCount": 0,
  "deactivatedHostnameCountMap": "{}",
  "countForHostnameDeactivatedCollections": "SUCCESS",
  "testedEndpointsMaps": "{}",
  "apiList": "null",
  "severityInfo": "{}",
  "sensitiveSubtypesInCollection": "{}",
  "hasUsageEndpoints": false,
  "countForUningestedApis": "SUCCESS",
  "apiCollectionId": 0,
  "timerInfo": "null",
  "response": {
    "apiCount": 0
  },
  "apiCollections": [
    {
      "hostName": "null",
      "urlsCount": 200,
      "runDependencyAnalyser": false,
      "displayName": "vulnerable_apis",
      "redact": true,
      "sseCallbackUrl": "null",
      "description": "mlewmdmweldmew",
      "startTs": 1756885374,
      "mcpCollection": false,
      "type": "null",
      "deactivated": false,
      "automated": false,
      "matchDependencyWithOtherCollections": false,
      "envType": [
        {
          "keyName": ",",
          "lastUpdatedTs": 0,
          "source": "USER",
          "value": ","
        }
      ],
      "vxlanId": 1111111111,
      "tagsList": [
        {
          "keyName": ",",
          "lastUpdatedTs": 0,
          "source": "USER",
          "value": ","
        }
      ],
      "genAICollection": false,
      "name": "vulnerable_apis",
      "userSetEnvType": "null",
      "id": 1111111111,
      "isOutOfTestingScope": true,
      "conditions": "null",
      "sampleCollectionsDropped": true
    }
  ],
  "mcpDataCount": 0,
  "usersCollectionList": {
    "NUMBER": "null"
  },
  "allUsersCollections": "SUCCESS",
  "apiStatsEnd": "null",
  "conditions": "null",
  "highRiskThirdPartyEndpointsCount": 0,
  "uningestedApiList": "null"
}

Approve and ingest a Swagger file upload

post

Pushes approved records from the specified Swagger/OpenAPI upload to Kafka (topic akto.api.logs) for async ingestion into the Akto API inventory. Only endpoints matching the chosen importType are included.

Source: OpenApiAction.importFile()

Body

uploadIdstringRequired

ID of the Swagger file upload to ingest.

Example: upload_abc123def456

importTypestring · enumRequired

Whether to ingest only successfully parsed endpoints (ONLY_SUCCESSFUL_APIS) or all endpoints including those with non-fatal parse errors (ALL_APIS).

Example: ONLY_SUCCESSFUL_APISPossible values:

Responses

200

Import queued successfully. Ingestion happens asynchronously via Kafka.

No content

400

uploadId is not found or records cannot be read.

post

/api/importSwaggerLogs

POST /api/importSwaggerLogs HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 70

{
  "uploadId": "upload_abc123def456",
  "importType": "ONLY_SUCCESSFUL_APIS"
}

No content

Import Imperva schema

post

Parses a raw Imperva JSON string (max 10 MB), creates or finds an API collection named after the extracted hostname, and pushes the parsed traffic asynchronously to Kafka for ingestion into the API inventory. generateMultipleSamples controls whether multiple sample request/response pairs are generated per endpoint.

Source: ImpervaImportAction.execute()

Body

impervaStringstringRequired

Raw Imperva JSON string. Maximum size is 10 MB.

Example: {"services":[{"hostname":"api.example.com","traffic":[]}]}

generateMultipleSamplesbooleanOptional

If true, generates multiple sample messages per endpoint instead of just one.

Default: falseExample: false

Responses

200

Import initiated successfully.

application/json

messagestringOptional

Human-readable success message.

Example: Imperva schema imported successfully. Collection: api.example.com

actionErrorsstring[]Optional

400

impervaString is null/empty or exceeds the 10 MB size limit.

post

/api/importImpervaSchema

POST /api/importImpervaSchema HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 118

{
  "impervaString": "{\"services\":[{\"hostname\":\"api.example.com\",\"traffic\":[]}]}",
  "generateMultipleSamples": false
}

{
  "message": "Imperva schema imported successfully. Collection: api.example.com",
  "actionErrors": [
    "text"
  ]
}

Import APIs from a URL

post

Creates an API collection named after the URL's hostname (tagged as GenAI), then fires an HTTP request to the given URL asynchronously and ingests the response via Kafka. Omit requestBody to use GET; provide it to send a POST with that body. An optional testRoleId enables authenticated fetching using a pre-configured test role.

Source: AgentImportAction.importFromUrl()

Body

urlstringRequired

Full URL to fetch. The hostname is used as the collection name.

Example: https://api.example.com/openapi.json

testRoleIdstringOptional

Optional ObjectId hex of the test role to use for authentication when fetching the URL.

Example: 60a7b2c3d4e5f6a7b8c9d0e1

requestBodystringOptional

Optional POST body. If set, the URL is fetched with HTTP POST using this as the body. Omit to use GET.

Responses

200

Import initiated. Ingestion happens asynchronously.

No content

400

url is null or empty.

post

/api/importFromUrl

POST /api/importFromUrl HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 46

{
  "url": "https://api.example.com/openapi.json"
}

No content

Add or update Postman API key

post

Upserts the Postman credential (API key and workspace ID) for the current account in third_party_access. Used by subsequent Postman integration calls (createPostmanApi, savePostmanCollection).

Source: PostmanAction.addOrUpdateApiKey()

Body

api_keystringRequired

Postman API key.

Example: [REDACTED_POSTMAN_API_KEY]

workspace_idstringRequired

Postman workspace UUID.

Example: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Responses

200

Credentials saved successfully.

No content

post

/api/addOrUpdatePostmanCred

POST /api/addOrUpdatePostmanCred HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 94

{
  "api_key": "[REDACTED_POSTMAN_API_KEY]",
  "workspace_id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
}

200

Credentials saved successfully.

No content

Export a collection to Postman

post

Builds an OpenAPI spec from the stored sample data for the given collection and pushes it to the Postman API asynchronously using the API key stored via addOrUpdatePostmanCred. An optional apiInfoKeyList restricts the export to a specific subset of endpoints; if omitted, the entire collection is exported.

Source: PostmanAction.createPostmanApi()

Body

apiCollectionIdintegerRequired

ID of the API collection to export.

Example: 1234567890

Responses

200

Export queued successfully. Upload to Postman happens asynchronously.

No content

post

/api/createPostmanApi

POST /api/createPostmanApi HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 30

{
  "apiCollectionId": 1234567890
}

200

Export queued successfully. Upload to Postman happens asynchronously.

No content

Import a Postman collection into Akto

post

Fetches the specified Postman collection via the stored Postman API key, converts it through Akto's Node.js conversion service, and stores the resulting APISpec document in MongoDB.

Source: PostmanAction.savePostmanCollection()

Body

postmanCollectionIdstringRequired

Postman collection UUID (found in the Postman share URL).

Example: 12345678-abcd-ef01-2345-67890abcdef0

apiCollectionIdintegerRequired

Akto collection ID to associate with the imported Postman collection.

Example: 1234567890

Responses

200

Collection imported and APISpec stored.

No content

post

/api/savePostmanCollection

POST /api/savePostmanCollection HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 91

{
  "postmanCollectionId": "12345678-abcd-ef01-2345-67890abcdef0",
  "apiCollectionId": 1234567890
}

200

Collection imported and APISpec stored.

No content

Approve and ingest a Postman file upload

post

Pushes approved records from the specified Postman file upload to Kafka (topic akto.api.logs) for async ingestion. Only endpoints matching the chosen importType are included.

Source: PostmanAction.importFile()

Body

uploadIdstringRequired

ID of the Postman file upload to ingest.

Example: postman_upload_xyz789

importTypestring · enumRequired

Whether to ingest only successfully parsed endpoints or all endpoints including those with non-fatal parse errors.

Example: ALL_APISPossible values:

Responses

200

Import queued successfully.

No content

post

/api/ingestPostman

POST /api/ingestPostman HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 60

{
  "uploadId": "postman_upload_xyz789",
  "importType": "ALL_APIS"
}

200

Import queued successfully.

No content

Mark a Postman upload for deletion

post

Sets markedForDeletion: true on the specified upload record so it is excluded from future import log listings.

Source: PostmanAction.markImportForDeletion()

Body

uploadIdstringRequired

ID of the Postman upload to mark for deletion.

Example: postman_upload_xyz789

Responses

200

Upload marked for deletion.

No content

post

/api/deletePostmanImportLogs

POST /api/deletePostmanImportLogs HTTP/1.1
Content-Type: application/json
Accept: */*
Content-Length: 36

{
  "uploadId": "postman_upload_xyz789"
}

200

Upload marked for deletion.

No content

PreviousFetch Data NextSecurity Testing

Last updated 1 month ago