REST API

The built-in REST API interface provides you with a way to visualize RESTful web services. The API documentation is built by using Swagger, where you can test API operations and instantly view the results to help you scan your applications faster.

About this task

Learn how to use the interactive framework by following this example to import an application inventory by using the /api/v2/Apps/ImportFile REST API.

Procedure

  1. Go to cloud.appscan.com/swagger, and bookmark it for future reference.
  2. Log in with your HCL ID.
    1. Expand the Account API and click POST api/v2/Account/ApiKeyLogin to expand the operation details.
    2. Click the text in the Example Value box and copy it as a JSON object request into the apiKey box.

    3. Replace the "string" parameters with your HCL ID user name and password (keep the quotation marks), and then click Try it out!.
    4. Copy the "Token" value from the Response Body.

    5. Paste it into the Access token field at the top of the Swagger UI. From now on the token will be applied automatically to all API calls.
  3. Create an asset group.
    1. Expand the Asset Groups API and click POST /api/v2/AssetGroups.
    2. In the Parameters section, click the text in the Example Value edit box to copy the text as a JSON object request to the IBMIdModel box.
    3. Replace the "string" parameters with a name and description for the asset group (keep the quotation marks) and then click Try it out!.
      Getting an Asset Group ID
    4. Make note of the ID in the Response Body section. You'll need to use that ID in the next API.
  4. Import an application inventory file.
    1. Expand the Applications API and click POST /api/V2/Apps/ImportFile. In the Implementation section, there is a sample file that you can download to get a sense of the types of attributes to include in your file.
    2. Enter the assetGroupId from step 3d in the Value field of the Parameters section.
    3. Click Browse in the fileToUpload section to locate your CSV file of applications to import.
    4. Click Try it out!.
    5. In the Response Headers section, copy the ID from the "Location" line.
      JobID for importing apps
    6. Expand the POST /api/v2/Apps/ImportJobs/{jobId} API.
    7. Enter the ID into the jobID field and click Try it out!.

Results

A successful import looks something like this example:
Successful application import