As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.
Set Application Parameters - API
- Kyle Pippin (Unlicensed)
- Daniel Colon
- David Harrison (Unlicensed)
/rest/{version}/applications/{appId}/setParameters
Descriptor | Value |
|---|---|
HTTP Method | POST |
Description | Sets parameters for the Hybrid Analysis Mapping ThreadFix functionality. |
Required Permission | Manage Applications |
Version Introduced | 2.3.0 |
Changes in 2.5.1 | Adds the updatedDate field to the response. This field is present when using older REST versions as well. |
Changes in 2.7.5 | Added "testEnvironment", "releaseFrequency", and "isInternal" to the REST call response. |
Changes in 2.7.9 | Added "unassignedVulnCount" for unmapped severities. |
Request Header Parameters
Parameter | Value | Required | Description |
|---|---|---|---|
Accept | String | Yes | A value of ‘application/json’ must be provided. |
Request POST Data Parameters
Parameter | Value | Required | Description | Values |
|---|---|---|---|---|
frameworkType | String | Yes | The web framework the app was built on. | “DETECT”, “JSP”, “RAILS”, “SPRING_MVC”, “STRUTS”, “DOT_NET_MVC”, “DOT_NET_WEB_FORMS” |
repositoryUrl | String | yes | The git repository where the source code for the app can be found. | N/A |
Sample Call:
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'frameworkType=SPRING_MVC&repositoryUrl=http://repo.example.com' http://localhost:8080/threadfix/rest/latest/applications/3/setParametersSample Output:
Values for importTime and updatedDate are returned as Epoch time in milliseconds.
{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 3,
"name": "Another Application",
"url": null,
"uniqueId": "alpha",
"applicationCriticality": {
"id": 2,
"name": "Medium"
},
"policyStatuses": [],
"description": null,
"releaseFrequency": "UNKNOWN",
"testEnvironment": null,
"grcApplication": null,
"scans": [
{
"id": 5,
"importTime": 1458328605000,
"updatedDate": 1458328605000,
"numberClosedVulnerabilities": 0,
"numberNewVulnerabilities": 0,
"numberOldVulnerabilities": 0,
"numberResurfacedVulnerabilities": 0,
"numberTotalVulnerabilities": 1,
"numberRepeatResults": 0,
"numberRepeatFindings": 0,
"numberInfoVulnerabilities": 0,
"numberLowVulnerabilities": 0,
"numberMediumVulnerabilities": 1,
"numberHighVulnerabilities": 0,
"numberCriticalVulnerabilities": 0,
"scannerName": "Manual"
},
{
"id": 6,
"importTime": 1320440009000,
"udpatedDate": 1320440009000,
"numberClosedVulnerabilities": 0,
"numberNewVulnerabilities": 29,
"numberOldVulnerabilities": 0,
"numberResurfacedVulnerabilities": 0,
"numberTotalVulnerabilities": 29,
"numberRepeatResults": 0,
"numberRepeatFindings": 0,
"numberInfoVulnerabilities": 1,
"numberLowVulnerabilities": 14,
"numberMediumVulnerabilities": 6,
"numberHighVulnerabilities": 2,
"numberCriticalVulnerabilities": 6,
"scannerName": "WebInspect"
}
],
"infoVulnCount": 1,
"lowVulnCount": 14,
"mediumVulnCount": 7,
"highVulnCount": 2,
"criticalVulnCount": 6,
"totalVulnCount": 30,
"totalVulnCount": 0,
"isInternal": false,
"waf": null,
"organization": {
"name": "Another Team",
"id": 2
}
}
} www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.
This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.