AppScan Proxy Server
The AppScan Proxy Server allows you to record traffic for a security scan
Version: 1.0
Access
get /automation/Certificate
(getcertificate)
Download the self-signed Root Certificate Authority, used by the Recording Proxy, as a PEM file.
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the response header.
Responses
2xx
Return a certificate file in PEM format
default
Internal Server Error
#/components/schemas/Error
get /automation/DownloadEncryptedDastConfig/{uuid}
(getdownloadencrypteddastconfig)
Download encrypted .DAST.CONFIG file (that was uploaded using EncryptDastConfig API).
Note: When the file is downloaded, both encrypted and unencrypted DAST.CONFIG files are deleted from the proxy server.
Path parameters
uuid (required)
Path Parameter — Unique ID received in the EncryptDastConfig API response
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the response header.
Responses
2xx
Return the Encrypted .dast.config file
default
Internal Server Error
#/components/schemas/Error
post /automation/EncryptDastConfig
(postencryptdastconfig)
Upload a .DAST.CONFIG file for encryption. A uuid is returned in the response; use it to download the encrypted file with the /DownloadEncryptedDastConfig/<uuid> GET REST API.
Form parameters
dastFile (required)
Form Parameter — The .DAST.CONFIG file to be encrypted. The expected Content-Type of the request is multipart/form-data. The request should contain a single file parameter named "dastFile". Example: Content-Type: multipart/form-data; Content-Disposition: form-data; name="dastFile"; filename="<dast.config>"
Return type
#/components/schemas/EncryptTrafficSuccessResponse
Example data
Content-Type: application/json
""
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the response header.
Responses
2xx
Success-Response
#/components/schemas/EncryptTrafficSuccessResponse
400
Error-Response
#/components/schemas/EncryptTrafficErrorResponse
default
Internal Server Error
#/components/schemas/Error
(getinfo)
Return information regarding AppScan Proxy Server versions
Return type
#/components/schemas/InfoResponse200
Example data
Content-Type: application/json
""
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the response header.
Responses
2xx
Return JSON with AppScan Proxy Server component versions
#/components/schemas/InfoResponse200
default
Internal Server Error
#/components/schemas/Error
get /automation/StartProxy/{recordingPort},{upperBound}
(getstartproxy)
Start a proxy that listens on the specified recordingPort. If recordingPort = "0", a random port will be chosen; if upperBound is set, a port in the range from recordingPort to upperBound will be used. The port number is returned in the response. recordingPort should not be 0 if upperBound is set.
To use chainedProxy, proxyCertificate, and/or clientCertificate use the POST version of StartProxy.
Path parameters
recordingPort (required)
Path Parameter — The recording proxy listening port
upperBound (required)
Path Parameter — The upper boundary of the recording proxy listening port
Query parameters
encrypted (optional)
Query Parameter — Encrypt the traffic. Query param example: /StartProxy/<recordingPort>,<upperBound>?encrypted=true
Return type
#/components/schemas/StartProxySuccessResponse
Example data
Content-Type: application/json
""
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the response header.
Responses
2xx
Success-Response
#/components/schemas/StartProxySuccessResponse
403
Error-Response
#/components/schemas/StartProxyErrorResponse
default
Internal Server Error
#/components/schemas/Error
post /automation/StartProxy/{recordingPort},{upperBound}
(poststartproxy)
Start a proxy that listens on the specified recordingPort. If recordingPort = "0", a random port will be chosen; if upperBound is set, a port in the range from recordingPort to upperBound will be used. The port number is returned in the response. recordingPort should not be 0 if upperBound is set.
The request body must be in JSON format.
Path parameters
recordingPort (required)
Path Parameter — The recording proxy listening port
upperBound (required)
Path Parameter — The upper boundary of the recording proxy listening port
Request body
Query parameters
encrypted (optional)
Query Parameter — Encrypt the traffic. Query param example: /StartProxy/<recordingPort>,<upperBound>?encrypted=true
Return type
#/components/schemas/StartProxySuccessResponse
Example data
Content-Type: application/json
""
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the response header.
Responses
2xx
Success-Response
#/components/schemas/StartProxySuccessResponse
403
Error-Response
#/components/schemas/StartProxyErrorResponse
default
Internal Server Error
#/components/schemas/Error
get /automation/StopProxy/{recordingPort}
(getstopproxy)
Stop the recording proxy that is listening on the specified recordingPort.
Setting the recordingPort to "0" does not stop all open proxies. Use "StopAllProxies" to do this.
Path parameters
recordingPort (required)
Path Parameter — The recording proxy listening port
Return type
#/components/schemas/StopProxySuccessResponse
Example data
Content-Type: application/json
""
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the response header.
Responses
2xx
Success-Response
#/components/schemas/StopProxySuccessResponse
403
Error-Response
#/components/schemas/StopProxyErrorResponse
default
Internal Server Error
#/components/schemas/Error
post /automation/StopAllProxies
(poststopallproxies)
Stop all running recording proxies.
This command stops all recording proxies on all ports, including those started by other users.
Attempting to stop a specific recording proxy after running this command will cause an exception, so use with care.
Return type
#/components/schemas/StopAllProxiesSuccessResponse
Example data
Content-Type: application/json
""
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the response header.
Responses
2xx
Success-Response
#/components/schemas/StopAllProxiesSuccessResponse
default
Internal Server Error
#/components/schemas/Error
get /automation/Traffic/{recordingPort}
(gettraffic)
Download recorded data from the recording proxy identified by the recordingPort as a .DAST.CONFIG file.
Path parameters
recordingPort (required)
Path Parameter — The recording proxy listening port
Produces
This API call produces the following media types according to the request header;
the media type will be conveyed by the response header.
Responses
2xx
Return the .dast.config file
default
Internal Server Error
#/components/schemas/Error
Models
Optional
chainedProxy (optional)
String Configure the upstream (chained) proxy using format [ip]:[port]. This will override the chained proxy rules file (proxy.chain).
example: 1.2.3.4:8080
proxyCertificate (optional)
clientCertificate (optional)
automationStartProxyrecordingPortupperBound_clientCertificate
Configure client side certificate to be used by the proxy. The certificate must include a private key with its X509 certificate.
The certificate must be a JSON object with two fields: "content" with the base64-encoded contents of the certificate file, and "password" with the password to the file.
content (optional)
example: MIISLAIBAzCCEfMGC... ...viIECGajitRJIOdWAgEB
password (optional)
example: password
automationStartProxyrecordingPortupperBound_proxyCertificate
Configure a fixed certificate for the proxy, instead of creating a different certificate for each domain. The certificate must include a private key with its X509 certificate.
The certificate must be a JSON object with two fields: "content" with the base64-encoded contents of the certificate file, and "password" with the password to the file.
content (optional)
example: MIIQ2gIBAzCCEKAGC... ...CD4pScngW2pdAgIIAA==
password (optional)
example: password
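An added example (not part of the product documentation) that assembles the POST StartProxy request from the path parameters, the encrypted query parameter and the chainedProxy, proxyCertificate and clientCertificate fields described above, without sending it. The function names and the base URL are hypothetical. The HTTPS requirement and the log redaction are this example's own precautions, added because the body carries a private key and its password; the example always passes an explicit port range.

```python
import base64
import ipaddress
import json
import urllib.request
from urllib.parse import urlsplit


def cert_object(file_bytes, password):
    """Certificate object as the page describes it: base64 content + password."""
    return {"content": base64.b64encode(file_bytes).decode("ascii"),
            "password": password}


def build_start_proxy(base_url, recording_port, upper_bound, *, encrypted=False,
                      chained_proxy=None, proxy_cert=None, client_cert=None):
    """Build (but do not send) the POST StartProxy request."""
    # The body can carry a private key and its password: refuse cleartext HTTP.
    if urlsplit(base_url).scheme != "https":
        raise ValueError("base_url must be https")
    # Page rule: recordingPort should not be 0 if upperBound is set.
    if not 0 < recording_port <= upper_bound <= 65535:
        raise ValueError("need 0 < recordingPort <= upperBound <= 65535")
    body = {}
    if chained_proxy is not None:
        host, _, port = chained_proxy.rpartition(":")
        ipaddress.ip_address(host)  # [ip]:[port]; raises ValueError otherwise
        if not 0 < int(port) <= 65535:
            raise ValueError("chainedProxy port out of range")
        body["chainedProxy"] = chained_proxy
    if proxy_cert is not None:
        body["proxyCertificate"] = proxy_cert
    if client_cert is not None:
        body["clientCertificate"] = client_cert
    url = (f"{base_url.rstrip('/')}/automation/StartProxy/"
           f"{recording_port},{upper_bound}")
    if encrypted:
        url += "?encrypted=true"
    return urllib.request.Request(
        url, data=json.dumps(body).encode("utf-8"), method="POST",
        headers={"Content-Type": "application/json"})


def redacted(body):
    """Copy of a request body that is safe to log (certificate fields masked)."""
    return {k: {"content": "<redacted>", "password": "<redacted>"}
            if isinstance(v, dict) else v for k, v in body.items()}
```

Log `redacted(body)` rather than the request data, since the certificate password is sent in plain JSON alongside the key material.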