As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.

Update Application - API

/rest/{version}/applications/{appId}/update


Descriptor

Value

HTTP Method

PUT

Description

Updates the name of an application.

Required Permission

Manage Applications

Version Introduced2.3.0

Changes in 2.4.0                

Added the repositoryType parameter, which is required if you use repositoryUrl.

This change was also applied to the 2.3 version of the call.

Changes in 2.5.0.2

Added the filterSet parameter, which allows you to restrict Fortify Scans coming into the

application. This parameter is usable with all versions of the call.

Changes in 2.5.3Added the team parameter, which allows you to move an application from one team to another.
Changes in 2.7.1Added skipApplicationMerge parameter, which allows you to enable or disable the vulnerability merging for an application.
Changes in 2.8.2Added ability to update the application description.
Changes in 2.8.5Added the following parameters: testEnvironment, releaseFrequency, associatedUser, isInternal


Request Header Parameters

Parameter

Value

Required

Description

Accept

String

Yes

A value of ‘application/json’ must be provided.


Request PUT Data Parameters

Parameter

Value

Required*

Description

Available Values

name

String

No

The new name to assign to the application. Limit 100 characters.

N/A

url

String

No

The URL of where the application being assessed lives.

N/A

uniqueId

String

No

A unique ID value to assign to the application.

N/A

applicationCriticality

Integer

No

The severity level for the application, from 1 for Low to 4 for Critical.

“1”, “2”, “3”, “4”

frameworkType

String

No

The web framework the app was built on.

“DETECT”, “JSP”, “RAILS”, “SPRING_MVC”, “STRUTS”, “DOT_NET_MVC”, “DOT_NET_WEB_FORMS”

repositoryUrl

String

No

The repository where the source code for the app can be found.  Requires repositoryType to be specified.

N/A

repositoryType

String

Possibly

The type of repository your repositoryUrl refers to.  Required if you specify a repositoryUrl.

“GIT”, “SVN”

repositoryBranch

String

No

The git branch for the source code.

N/A

repositoryUserName

String

No

The user name to use for git credentials.

N/A

repositoryPassword

String

No

The password to use for git credentials.

N/A

repositoryFolder

String

No

The root directory for the source code.

N/A

filterSetStringNoThe name of the Filter Set from Fortify. If a Fortify scan does not have this as the default filter set, it cannot be uploaded to the application.N/A
teamIntegerNoThe team ID to which you want to move an application.N/A
skipApplicationMergeBooleanNoSetting to enable or disable vulnerability merging for an application.TRUE, FALSE
descriptionStringNoThe text to be included in the description field for the application.

testEnvironment

String

No

The name of the test environment associated with the application to be updated.N/A

releaseFrequency

StringNoSelectable option for how frequently the application updates."UNKNOWN", "DAILY", "WEEKLY", "BIWEEKLY", "MONTHLY"

associatedUser

StringNoUser name(s) associated with the application to be updated.N/A
isInternalBooleanNoSetting to enable or disable internal status for the application.N/A

* At least one parameter must be provided


Sample Call:

curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X PUT --data "name=EditedApplication&url=http://localhost:8080&uniqueId=12345&applicationCriticality=4&frameworkType=DETECT&repositoryUrl=https://github.com/spring-projects/spring-petclinic.git&repositoryType=GIT&repositoryBranch=master&repositoryUserName=user&repositoryPassword=password&repositoryFolder=/&team=2&filterSet=Developer View" http://localhost:8080/threadfix/rest/latest/applications/1/update


Sample Output:


{
    "message": "",
    "success": true,
    "responseCode": -1,
    "object": "Fields updated successfully."
}

www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.