As we reach the end of September 2024, ThreadFix version 3.x on-premises has officially reached its End-of-Life. Therefore, there is no longer support or updates for this version of the product. We have fully transitioned our product and development teams to focus ThreadFix SaaS and migrating all customers over from the on-premises versions. Our Customer Success and Support teams are here to help you in migrating to ThreadFix SaaS and maximizing the value you see from this improved offering from Coalfire. This is the next phase of ThreadFix and our team is looking forward to continuing to support you on this journey.

Queue Scan 3.0 - API

Owned by Daniel Colon
Last updated: Sept 15, 2021
1 min read

/rest/{version}/tasks/queueScan

Descriptor

Value

HTTP Method

POST

Description

Schedules a Scan Agent task for an application.

Required Permission

Manage Scan Agents

Version Introduced

2.3.0

Changes in 2.5

Adds a new “sync” parameter to allow call to wait until the queued scan has completed.

Request Header Parameters

Parameter

Value

Required

Description

Accept

String

Yes

A value of ‘application/json’ must be provided.

Request POST Data Parameters

Parameter

Value

Required

Description

Available Values

applicationId

Integer

Yes

The ID for the application to schedule a task for.

N/A

scannerType

String

Yes

The scanner the Scan Agent will use for the task.

  • Acunetix WVS

  • AppSpider

  • Burp Suite Pro

  • Security AppScan Standard

  • Nessus

  • OWASP Zed Attack Proxy

  • WebInspect

scanConfigId

Integer

No

The ID of a file uploaded to the application.  This will be used as the configuration file for the scan.

N/A

targetURL

URL

No*

The URL for the Scan Task.  *Required if the Application does not have a URL

N/A

sync

Boolean

No

If true, the response will not be returned until the queued Scan Agent Task has completed.  The default value is false.

N/A

Sample Call:

curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'applicationId=1&scannerType=Burp Suite Pro&scanConfigId=1' http://localhost:8080/threadfix/rest/latest/tasks/queueScan

Sample Output:

Values for createTime and timeoutTime are returned as Epoch time in milliseconds.

{     "message": "",     "success": true,     "responseCode": -1,     "object": {         "id": 1,         "active": true,         "scanStatuses": [             {                 "id": 1,                 "active": true,                 "message": "Scan queued at: 03-02-16:22:28:457 +0000"             }         ],         "scanner": "Burp Suite Pro",         "version": null,         "createTime": 1454538486457,         "startTime": null,         "endTime": null,         "timeoutTime": 1454581686457,         "status": 1,         "scanAgentInfo": null,         "secureKey": null,         "scanAgentInstanceSecureKey": null,         "scanConfig": null,         "targetUrl": "http://localhost:8080/bodgeit",         "taskStatus": "STATUS_QUEUED",         "scannerShortName": "burp",         "statusString": "QUEUED"     }

www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.