Register Scan Report - POST /reports/sastScan (v8.6.0 and up)
Generate a new CxSAST scan report. Once registered you can use GET /reports/sastScan/{id}/status to get the status of the scan report and then use GET /reports/sastScan/{id} to retrieve the generated report.
Usage:
1. POST /reports/sastScan and register a new report
2. GET /reports/sastScan/{id}/status and get the status of the specific report
3. GET /reports/sastScan/{id} and get the report when ready
URL
http://localhost/cxrestapi/reports/sastScan
Method:
POST
Media Type (header):
Authorization: Bearer <access token value>
Content-Type: application/json;v=1.0
cxOrigin: {request_origin}
Parameters
Required:
reportRequest=[body] – Report request:
reportType=[string] – Report type options are: PDF, RTF, CSV or XML
scanId=[integer] – Unique Id of the scan
Curl Sample:
curl -X POST --header 'Content-Type: application/json;v=1.0' --header 'Accept: application/json' --header 'Authorization: Bearer <access token> -d '{ \
"reportType": "XML", \
"scanId": 1000062 \
}' 'http://localhost/cxrestapi/reports/sastScan'
Sample Response:
{
"reportId": 6,
"links": {
"report": {
"rel": "content",
"uri": "/reports/sastScan/6"
},
"status": {
"rel": "status",
"uri": "/reports/sastScan/6/status"
}
}
}
Success Response:
Code: 202 Accepted
Error Response:
Code: 400 Bad Request
Notes:
- Generates a new CxSAST scan report. If the request fails, it returns an error response. The report Id (reportId) and the report format (reportType) must be the same as defined when the report is retrieved (GET /reports/sastScan/{id}); if not an error occurs.
- Reports generated in application/pdf format may not display correctly when using Swagger.
- CxOrigin verifies that the request comes from a plugin (for example Jenkins or CLI). Once verified, users with SAVE_SAST_SCAN permission can complete the call.
Read more: