Enabling the Application Security Management REST API interactive framework

The built-in REST API interface provides you with a way to visualize RESTful web services that are used for creating and updating applications, setting up application access for users, and adding or updating issues. Use the framework to interact with the API and get clear insight into how the API responds to parameters and options.

Before you begin

Note:
  1. To enable the framework's URL for users, the Product Administrator must modify the <install-dir>\AppScan Enterprise\Liberty\usr\servers\ase\config\asc.properties file by adding this line of code:ase.rest.doc.enabled=true. Otherwise, users get a 404 error page when they attempt to access the URL. Restart the HCL AppScan Enterprise Server service after you modify the asc.properties file.
  2. To access the interactive REST API framework, the instance name must be called 'ase' (for example, https://<domain>:9443/ase/api/pages/apidocs.html).

About this task

Learn how to use the interactive framework by following this example to create an application by using the /application REST API.

Procedure

  1. Log in to AppScan Enterprise.
  2. Go to https://<domain>:9443/ase/api/pages/apidocs.html. Bookmark the URL for future reference.
  3. Click applications to expand the descriptions and information.
    creating an application
  4. Click Create an application to expand the operation details.
    create an application
  5. In the Parameters section, click Model Schema.
    Model schema in parameters
  6. Click the text in the Model Schema edit box to copy the text as a JSON object request to the Parameter Value box.
    JSON object request
  7. Change the values of the JSON elements.
    For example, replace

    {
      "attributeCollection": {
        "attributeArray": [
          {
            "name": ""
          }
        ]
      },
      "id": 0,
      "name": "",
      "description": "",
      "dateCreated": "Timestamp",
      "lastUpdated": "Timestamp"
    }

    with

    {
      "attributeCollection": null,
      "id": 1,
      "name": "app1",
      "description": "template",
      "dateCreated": null,
      "lastUpdated": null
    }

  8. Execute the request and view the response.
    execute request and view response