Recording the APIs using the ADAC client using Postman or SoapUI
Create a GraphQL scan by Recording the APIs using the ADAC client using Postman or SoapUI.
Procedure
- On the AppScan Enterprise Scan page, click Create Folder Item.
- Select the Job using template radio-button and in the drop-down list, select the option GraphQL template.
- Click the Create button. The browser launches the AppScan Dynamic Analysis Client (ADAC).
- Navigate to the Manual Explore section, click Add, select External client, and then select Postman or SoapUI.
- AppScan opens the selected tool (i.e., Postman or SoapUI) and automatically configures it to work with AppScan as it’s recording proxy.
- Once the tool launches, run the collection.
- After you run the collection, in the Record Traffic window, click the Stop Recording button and then click Save.
- In ADAC window, select the checkbox under domains detected for the domains to be included in the scanning.
- Navigate to Job Properties, select a desired Test Policy, and click Create Job.
- Run the scan.