9.3.0 API Updates

Owned by Johannes Stark (Unlicensed)
Last updated: Apr 29, 2021 by Eliezer Basner (Unlicensed)
4 min read

Contents for this section:

REST / SOAP / ODATA API

CategoryUpdatesDetails Information in the Knowledge CenterAdditional Resources

REST API

API Clients using REST

As part of the integration with our new Access Control, Cookie-based authentication is no longer supported and all API Clients must use Token-based authentication.

Token-based AuthenticationCookie-based Authentication

SOAP API

API Clients using SOAP

As part of the integration with our new Access Control system, the following authentication and authorization changes are introduced:​​

  • The SOAP Login/logout APIs are no longer supported
  • Authentication should be done using REST API (Token-based Authentication)
  • Subsequent SOAP requests should include the access token in the HTTP header ​
  • The parameter "SessionID" is no longer in use
The SOAP SDK will be deprecated as soon as REST alternatives are available​.
Token-based Authentication

CxSAST (SOAP) API

Initiating a Session

Mapping SOAP to REST

ODATA API

API Clients using ODATA


CxSAST (OData) API Authentication (v9.0.0 and up)

CxSAST/CxOSA APIs

General

CategoryUpdates DetailsInformation in the Knowledge CenterAdditional Resources

CxSAST API

Overview of the CxSAST (REST) API

The CxSAST (REST) API provides the ability to manage all CxSAST related tasks. For more information, see  CxSAST / CxOSA APIs - CxSAST, below.

CxSAST (REST) API

CxOSA API

Overview of the CxOSA (REST) API

The CxOSA (REST) API provides the ability to manage all CxOSA related tasks. For more information, see  CxSAST / CxOSA APIs - CxOSA, below.

CxOSA (REST) API

CxSAST

CategoryUpdates DetailsInformation in the Knowledge CenterAdditional Resources

API Versioning

Versioning was introduced to the CxSAST API in v8.6.0. The latest CxSAST APIs for v9.3.0 are installed with the most up to date API versions


Token-based Authentication (v8.6.0 and up)

New API Functionality

REST API to get the Best Fix Location


CxSAST (REST) API Summary (v9.3.0)

REST API to update the engine scan settings

This allows to update the following fields:

Engine Name

URI

Minimum LOC

Maximum LOC

Block engine (flag)

Maximum concurrent Scans




REST API to update result labels

This allows to update the following fields:

Change state

Change severity

Change user assignment

Add comment



Updated API Functionality

None




Updated API Documentation

None




CxREST API - Swagger


Login is required for exploring the CxSAST (REST) API through Swagger. To navigate to the relevant login page, click the login / authorize button.

CxSAST (REST) API - Swagger Examples (v9.3.0 and up)

Management & Orchestration APIs

Analytics (OData & REST)

CategoryUpdates DetailsInformation in the Knowledge CenterAdditional Resources

API Versioning

Versioning was introduced to the Analytics (OData) in v8.8.0. The latest Analytics (REST) APIs in v9.3.0 are installed with the latest API version.

In order to use different versions of the Analytics API you will need to specify the desired API version (Headers Content-Type) for each API call.

Using the Analytics Results (OData) API

Using the Analytics Dashboard (REST) API (v9.0.0 and up)


Updated API Functionality

APIs have been updated in accordance with latest Analytics API library version.




CxAnalytics API - Swagger



Swagger for Analytics Dashboard (REST) API (v9.3.0 - v1)

Remediation Intelligence

CategoryUpdates DetailsInformation in the Knowledge CenterAdditional Resources

API Versioning

Versioning was introduced to the Remediation Intelligence API in v9.0.0. The latest Remediation Intelligence APIs in v9.2.0 are installed with the latest API version.

In order to use different versions of the Policy Management API you will need to specify the desired API version (Headers Content-Type) for each API call.

Using the Remediation Intelligence (REST) API (v9.0.0 and up).

New Functionality

A new functionality has been added to the latest Remediation Intelligence API library version for the API set.




Updated Functionality

Various APIs have been updated in accordance with the latest Remediation Intelligence API library version.




Policy Management API - Swagger


Login is required for exploring the Remediation Intelligence (REST) API through Swagger. To navigate to the relevant login page, click the login / authorize button.

Swagger for Remediation Intelligence (REST) API (v9.3.0 - v1)

Policy Management

CategoryUpdate DetailsInformation in the Knowledge CenterAdditional Resources

API Versioning

Versioning was introduced to the Policy Management API in v8.8.0. The latest Policy Management APIs in v9.2.0 are installed with the latest API version.

In order to use different versions of the Policy Management API you will need to specify the desired API version (Headers Content-Type) for each API call.

Using the Policy Management (REST) API

New Functionality

A new functionality has been added to the latest Policy Management  API library version for the API set. 




Updated Functionality

Various APIs have been updated in accordance with latest Policy Management API library version.




Policy Management API - Swagger



Swagger for Policy Management (REST) API (v9.3.0 - v1)

Platform Services APIs

General

CategoryUpdatesDetails Information in the Knowledge CenterAdditional Resources

Access Control API

Overview of the Access Control (REST) API

The Access Control (REST) API provides the ability to manage all user/team management and access control setting tasks. For more information, see Platform Services APIs - Access Control, below.

Access Control (REST) API (v1.5 and up)

Access Control

CategoryUpdatesDetails Information in the Knowledge CenterAdditional Resources

API Versioning

Versioning was introduced to the Access Control API in v1.5.0. The latest Access Control APIs in v2.0.0 are installed with the latest API version (i.e. v=1.0).


In order to use different versions of the Access Control API you will need to specify the desired API version (Headers Content-Type) for each API call.

Using the Access Control (REST) API

New API Functionality



Access Control (REST) API Summary (v9.3.0)



Migrate Existing User - POST /Users/migration (v2.0 - v9.3.0)

Updated API Functionality

Various APIs have been updated in accordance with the latest Access Control API library version.




Access Control API - Swagger

To access a live Swagger environment navigate to: http://<ServerName>:<Port>/cxarm/dashboardapi/swagger/index/html (e.g. http://localhost:8080/cxrestapi/auth/swagger/index.html). 

Login is required for exploring the Access Control (REST) API through Swagger. To navigate to the relevant login page, click the login / authorize button.

Swagger for Access Control (v2.0.x) REST API (v1)

.