Modify Data

API
Description

POST /api/startTest

Start a new test run on the selected API collections or endpoints.

POST /api/stopTest

Stop an ongoing test run before it completes.

POST /api/importInBurp

Paginate through sample data for a collection and return Burp Suite-compatible HTTP request/response strings.

POST /api/uploadRecordedFlow

Upload and optionally execute a recorded login flow to extract an authentication token.

/api/stopTest

post
Header parameters
x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY
Body
testingRunHexIdstringRequiredExample: 68b841d0828b657eb835f30c
Responses
chevron-right
200

description

application/json
post
/api/stopTest
200

description

/api/startTest

post
Header parameters
x-api-keystringRequired

You can get this from Settings > Integrations > Akto APls > Generate token

Example: API_KEY
Body
autoTicketingDetailsstringRequiredExample: null
continuousTestingbooleanRequiredExample: false
sendMsTeamsAlertbooleanRequiredExample: false
selectedTestsstring[]RequiredExample: ID_WRAP_ARRAY_OF_PARAMS_JSON_BODY_INTEGER_VAL
sourcestringRequiredExample: TESTING_UI
maxConcurrentRequestsinteger · int32RequiredExample: -1
typestringRequiredExample: CUSTOM
cleanUpTestingResourcesbooleanRequiredExample: false
recurringDailybooleanRequiredExample: false
overriddenTestAppUrlstringRequired
sendSlackAlertbooleanRequiredExample: false
recurringWeeklybooleanRequiredExample: false
testRunTimeinteger · int32RequiredExample: -1
startTimestampinteger · int32RequiredExample: 1756905566
recurringMonthlybooleanRequiredExample: false
testRoleIdstringRequired
testNamestringRequiredExample: juice_shop_demo_BFLA_BOLA_NO_AUTH
Responses
chevron-right
200

description

application/json
post
/api/startTest
200

description

Bulk-export collection sample data for Burp Suite

post

Paginates through the sample data of the named collection and returns Burp Suite-compatible raw HTTP request + response strings for each endpoint. Pagination is cursor-based: pass lastUrlFetched and lastMethodFetched from the previous response to fetch the next page. Maximum 500 endpoints per page.

Source: ExportSampleDataAction.importInBurp()

Body
collectionNamestringRequired

Name of the API collection to paginate.

Example: My API Collection
lastUrlFetchedstringOptional

Pagination cursor: URL returned at the end of the previous page. Omit on the first request.

lastMethodFetchedstringOptional

Pagination cursor: HTTP method returned at the end of the previous page. Omit on the first request.

limitintegerOptional

Number of endpoints per page. Values ≤ 0 or > 500 are clamped to 500.

Example: 100
Responses
chevron-right
200

Paginated Burp request/response entries.

application/json
lastUrlFetchedstringOptional

Pass this value as lastUrlFetched in the next request to get the next page. null when there is no more data.

Example: /api/users
lastMethodFetchedstringOptional

Pass this value as lastMethodFetched in the next request.

Example: GET
actionErrorsstring[]Optional
post
/api/importInBurp

Upload a recorded login flow

post

Stores a recorded login flow and optionally executes it to extract an auth token. Two modes are supported:

  • Standard mode (default): miniTestingServiceName is null or hybridTestingEnabled is false for the account. The flow is triggered asynchronously. testingRunPlaygroundId is null in the response.

  • Hybrid mode: miniTestingServiceName is set AND the account has hybridTestingEnabled. A TestingRunPlayground document is created and its ID is returned. Poll fetchRecordedFlowOutput with this ID to retrieve the token.

Source: LoginRecorderAction.uploadRecordedFlow()

Body
contentstringRequired

JSON string representing the recorded login flow steps.

Example: [{"action":"navigate","url":"https://app.example.com/login"},{"action":"type","selector":"#username","value":"admin"},{"action":"click","selector":"#login-btn"}]
tokenFetchCommandstringRequired

JavaScript expression or command executed after the login flow to extract the auth token (e.g. document.cookie).

Example: document.cookie
roleNamestringRequired

Name of the test role to associate with this login flow.

Example: admin
miniTestingServiceNamestringOptional

If set and the account has hybridTestingEnabled, activates hybrid mode and a TestingRunPlayground ID is returned for polling.

Responses
chevron-right
200

Flow uploaded. testingRunPlaygroundId is non-null only in hybrid mode.

application/json
testingRunPlaygroundIdstringOptional

ObjectId hex of the TestingRunPlayground document. null in standard mode.

actionErrorsstring[]Optional
post
/api/uploadRecordedFlow
200

Flow uploaded. testingRunPlaygroundId is non-null only in hybrid mode.

Last updated