As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.
Set Application WAF - API
/rest/{version}/applications/{appId}/setWaf
Descriptor | Value |
---|---|
HTTP Method | POST |
Description | Sets the application’s WAF to the WAF with the specified ID. |
Required Permission | Manage Applications |
Version Introduced | 2.3.0 |
Changes in 2.5.1 | Adds "updatedDate" to the response. This field will appear when using earlier REST versions as well. |
Changes in 2.7.5 | Added "testEnvironment", "releaseFrequency", and "isInternal" to the REST call response. |
Changes in 2.7.9 | Added "unassignedVulnCount" for unmapped severities. |
Request Header Parameters
Parameter | Value | Required | Description |
---|---|---|---|
Accept | String | Yes | A value of ‘application/json’ must be provided. |
Request POST Data Parameters
Parameter | Value | Required | Description |
---|---|---|---|
wafId | Integer | yes | WAF identifier. |
Sample Call:
curl --insecure -H 'Accept: application/json' -H "Authorization: APIKEY {apiKey}" -X POST --data 'wafId=1' http://localhost:8080/threadfix/rest/latest/applications/1/setWaf
Sample Output:
Values for importTime and updatedDate are returned as Epoch time in milliseconds
{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 1,
"name": "Application",
"url": null,
"uniqueId": null,
"applicationCriticality": {
"id": 2,
"name": "Medium"
},
"policyStatuses": [],
"description": null,
"releaseFrequency": "UNKNOWN",
"testEnvironment": null,
"grcApplication": null,
"scans": [
{
"id": 1,
"importTime": 1309962639000,
"updatedDate": 1309962639000,
"numberClosedVulnerabilities": 0,
"numberNewVulnerabilities": 2,
"numberOldVulnerabilities": 0,
"numberResurfacedVulnerabilities": 0,
"numberTotalVulnerabilities": 2,
"numberRepeatResults": 0,
"numberRepeatFindings": 0,
"numberInfoVulnerabilities": 0,
"numberLowVulnerabilities": 0,
"numberMediumVulnerabilities": 1,
"numberHighVulnerabilities": 1,
"numberCriticalVulnerabilities": 0,
"scannerName": "w3af"
}
],
"infoVulnCount": 0,
"lowVulnCount": 0,
"mediumVulnCount": 1,
"highVulnCount": 1,
"criticalVulnCount": 0,
"totalVulnCount": 2,
"isInternal": false,
"unassignedVulnCount": 0,
"organization": {
"name": "Test Team",
"id": 1
},
"waf": {
"name": "New WAF",
"id": 1
}
}
}
www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.
This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.