Skip to main content

API Updates for 9.5.0


Table 1. REST API



Get a query version code (for BFL service)

[GET] /queries/queryVersionCode - To get the id and the query version code.

The endpoint receives as input the following parameters:

  • Language

  • Severity

  • Query name

The response will include:

  • queryId

  • queryVersionCode

Lock a scan

[PUT] /sast/lockScan - Enables locking a scan.

The endpoint receives as input the scan id and return as response:

  • Boolean (true in case is now locked, false if request failed)

  • Error message (in case of failure)

Unlock a scan

[PUT] /sast/unLockScan - Enables unlocking a scan.

The endpoint receives as input the scan id and return as response:

  • Boolean (true in case is now unlocked, false if request failed)

  • Error message (in case of failure)

List all scheduled jobs

[GET] /sast/sheduledJobs - To get the list of all scheduled jobs.

As response the endpoint returns details for: project name, project Id, scan frequency, scan days and scan time.

Get the timestamp for result updates

[GET] /sast/resultPathCommentsHistory - Enables getting the comment and timestamp for the result update.

Pull license data

[GET] /serverLicenseData - Enables pulling license data details.

The endpoint does not receive inputs.

The response contains details and information for the following:

  • Edition: SDLC or SecurityGate

  • Expiration Date

  • LOC

  • HID

  • OSA License: Enabled or disabled

  • OSA License Expiration Date

  • Supported Languages

  • Users: Available and In Use

  • Auditors: Available and In Use

  • Projects: Maximum Allowed and In Use

Get branch status

[GET] /projects/branch/{id} - To get the project branching status.

Receives as input the project ID of the branched project.

Returns as response the following information (based on details stored in [CxDB].[dbo].[ProjectBranchTree] table):

  • id: id column from [CxDB].[dbo].[ProjectBranchTree] table

  • originalProjectId: contains the Id of the original project

  • branchedOnScanId: shows the scan Id where the project was branched from the original project

  • branchedProjectId: shows the Id of the branched project

  • timestamp: when branch starts

  • status: composed by Id and value. Possible values are: 0 - started; 1 - In Progress; 2 - Completed; 3 - Failed

  • errorMessage: If an error is returned when creating the branch.

Force Scan on no-code changes

[POST] /projects/{id}/forceScanOnNoCodeChanges - Sets the next scheduled scan for project to bypass the “no code changes” scenario.

See Forcing Scans for Environmental Changes


Table 2. SOAP API



Portal - CreateNewProject

Inside ProjectConfiguration parameter in ScanActionSettings/ScanAction type there are two new fields available:

  • PostScanActionConditions

  • PostScanActionArguments

Portal - GetProjectProperties

Inside ProjectConfiguration parameter, two new fields are available:

  • PostScanActionConditions

  • PostScanActionArguments


Table 3. ODATA API



Tracking the age of vulnerabilities

To track the age of vulnerabilities, the vulnerability detection date was added to each Result metadata in OData. This can be helpful for customers that have internal SLAs and rules where the age of the vulnerabilities determines compliance with their enterprise's policies. It is possible to build queries to get the detection date of specific vulnerabilities.