As we reach the end of September 2024, ThreadFix version 3.x on-premises has officially reached its End-of-Life. Therefore, there is no longer support or updates for this version of the product. We have fully transitioned our product and development teams to focus ThreadFix SaaS and migrating all customers over from the on-premises versions. Our Customer Success and Support teams are here to help you in migrating to ThreadFix SaaS and maximizing the value you see from this improved offering from Coalfire. This is the next phase of ThreadFix and our team is looking forward to continuing to support you on this journey.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 6 Next »

/rest/{version}/applications/{appId}/update

Descriptor

Value

HTTP Method

PUT

Description

Updates the name of an application.

Required Permission

Manage Applications

Version Introduced

2.3.0

Changes in 2.4.0                

Added the repositoryType parameter, which is required if you use repositoryUrl.

This change was also applied to the 2.3 version of the call.

Changes in 2.5.0.2

Added the filterSet parameter, which allows you to restrict Fortify Scans coming into the

application. This parameter is usable with all versions of the call.

Changes in 2.5.3

Added the team parameter, which allows you to move an application from one team to another.

Changes in 2.7.1

Added skipApplicationMerge parameter, which allows you to enable or disable the vulnerability merging for an application.

Changes in 2.8.2

Added ability to update the application description.

Request Header Parameters

Parameter

Value

Required

Description

Accept

String

Yes

A value of ‘application/json’ must be provided.

Request PUT Data Parameters

Parameter

Value

Required*

Description

Available Values

name

String

No

The new name to assign to the application. Limit 100 characters.

N/A

url

String

No

The URL of where the application being assessed lives.

N/A

uniqueId

String

No

A unique ID value to assign to the application.

N/A

applicationCriticality

Integer

No

The severity level for the application, from 1 for Low to 4 for Critical.

“1”, “2”, “3”, “4”

frameworkType

String

No

The web framework the app was built on.

“DETECT”, “JSP”, “RAILS”, “SPRING_MVC”, “STRUTS”, “DOT_NET_MVC”, “DOT_NET_WEB_FORMS”

repositoryUrl

String

No

The repository where the source code for the app can be found.  Requires repositoryType to be specified.

N/A

repositoryType

String

Possibly

The type of repository your repositoryUrl refers to.  Required if you specify a repositoryUrl.

“GIT”, “SVN”

repositoryBranch

String

No

The git branch for the source code.

N/A

repositoryUserName

String

No

The user name to use for git credentials.

N/A

repositoryPassword

String

No

The password to use for git credentials.

N/A

repositoryFolder

String

No

The root directory for the source code.

N/A

filterSet

String

No

The name of the Filter Set from Fortify. If a Fortify scan does not have this as the default filter set, it cannot be uploaded to the application.

N/A

team

Integer

No

The team ID to which you want to move an application.

N/A

skipApplicationMerge

Boolean

No

Setting to enable or disable vulnerability merging for an application.

TRUE, FALSE

description

String

No

The text to be included in the description field for the application.


* At least one parameter must be provided

Sample Call:

curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X PUT --data "name=EditedApplication&url=http://localhost:8080&uniqueId=12345&applicationCriticality=4&frameworkType=DETECT&repositoryUrl=https://github.com/spring-projects/spring-petclinic.git&repositoryType=GIT&repositoryBranch=master&repositoryUserName=user&repositoryPassword=password&repositoryFolder=/&team=2&filterSet=Developer View" http://localhost:8080/threadfix/rest/v2.5.0.2/applications/1/update

Sample Output:

{
    "message": "",
    "success": true,
    "responseCode": -1,
    "object": "Fields updated successfully."
}

  • No labels