Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: added new parameters per 2.8.5 release

Create Application

/rest/{version}/teams/{teamId}/applications/new

 


Descriptor

Value

HTTP Method

POST

Description

Creates an application under the given team with id of teamId.

Required Permission

Manage Applications

Version Introduced2.3.0
Changes in 2.7.

Restricted

True

 
5Added "testEnvironment", "releaseFrequency", and "isInternal" to the REST call response.
Changes in 2.7.9Added "unassignedVulnCount" for unmapped severities.
Changes in 2.8.2Added ability to add description to application.
Changes in 2.8.5Added the following parameters: testEnvironment, uniqueId, applicationCriticality, frameworkType, releaseFrequency, skipApplicationMerge, isInternal, associatedUser, repositoryUrl, repositoryType, repositoryBranch, repositoryUserName, repositoryPassword, repositoryFolder


Request Header Parameters

Parameter

Value

Required

Description

Accept

String

Yes

A value of ‘application/json’ must be provided.

 
AuthorizationAPIKEY {apiKey}YesAPI being used to execute API call.


Request POST Data Parameters

Parameter

Value

Required

Description

Available Values

name

String

Yes

The name of the new application that is being created.


url

String

noNo

The URL of where the application being assessed lives.


descriptionStringNoThe text to be included in the description field for the application.

testEnvironment

StringNoThe name of the test environment associated with the new application being created.N/A

uniqueId

StringNoA unique ID value to assign to the application.N/A

applicationCriticality

IntegerNoThe severity level for the application, from 1 for Low to 4 for Critical.

“1”, “2”, “3”, “4”

frameworkType

String

No


The web framework the app was built on.

“DETECT”, “JSP”, “RAILS”, “SPRING_MVC”, “STRUTS”, “DOT_NET_MVC”, “DOT_NET_WEB_FORMS”

releaseFrequency

String

No


Selectable option for how frequently the application updates."UNKNOWN", "DAILY", "WEEKLY", "BIWEEKLY", "MONTHLY"

skipApplicationMerge

BooleanNoSetting to enable or disable vulnerability merging for an application.TRUE, FALSE

isInternal

BooleanNoSetting to enable or disable internal status for the application.N/A

associatedUser

StringNoUser name(s) associated with the new application being created.N/A

repositoryUrl

StringNoThe repository where the source code for the app can be found.  Requires repositoryType to be specified.N/A

repositoryType

StringPossiblyThe type of repository your repositoryUrl refers to.  Required if you specify a repositoryUrl.“GIT”, “SVN”

repositoryBranch

StringNoThe git branch for the source code.N/A

repositoryUserName

StringNoThe user name to use for git credentials.N/A

repositoryPassword

StringNoThe password to use for git credentials.N/A
repositoryFolderStringNoThe root directory for the source code.N/A


Sample Call:

Code Block
languagebash
themeEclipse
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'name=Test App&url=http://example.com' http://localhost:8080/threadfix/rest/latest/teams/1/applications/new?apiKey={apiKey}

 


Sample Output:


Code Block
themeEclipse
{
       "message": "",
       "success": true,
       "responseCode": -1,
       "object": {
               "id": 238,
               "name": "TestAPI Appteam",
       
        "url": "http://example.com",
       
        "uniqueId": null,
               "applicationCriticality": {
                       "id": 1,
           
            "name": "Low"
        },
               },
        "policyStatuses": [],
        "description": null,
        "releaseFrequency": "UNKNOWN",
        "testEnvironment": null,
        "grcApplication": null,
               "scans": [],
       
        "infoVulnCount": 0,
               "lowVulnCount": 0,
               "mediumVulnCount": 0,
       
        "highVulnCount": 0,
       
        "criticalVulnCount": 0,
       
        "totalVulnCount": 0,
       ,
        "isInternal": false,
        "unassignedVulnCount": 0,
        "waf": null,
       
        "organization": {
                       "name": "Test Team",
           
            "id": 1
       
        }
       }
}


Page Tree
rootApplications API