ThreadFix REST Interface Responses
Zignat Abdisubhan edited this page Mar 18, 2015
·
19 revisions
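This page lists the possible responses from the ThreadFix REST interface. In the examples shown here, "responseCode" is -1 for successful and failed calls alike, so check the "success" field to tell them apart.
An incorrect or missing API key should produce an authentication error like the following.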
{
"message": "Authentication failed, check your API Key.",
"success": false,
"responseCode": -1,
"object": null
}

Any call that can write to the ThreadFix database can be restricted by editing the API key used for that call to be a 'Restricted API Key'. You should get the following error if you make a restricted API call with a 'Restricted API Key'.
{
"message": "The requested URL is restricted for your API Key.",
"success": false,
"responseCode": -1,
"object": null
}{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 1,
"infoVulnCount": 0,
"lowVulnCount": 0,
"mediumVulnCount": 0,
"highVulnCount": 0,
"criticalVulnCount": 0,
"totalVulnCount": 0,
"name": "TEST123",
"applications": null
}
}{
"message": "\"name\" parameter was not present, new Team creation failed.",
"success": false,
"responseCode": -1,
"object": null
}{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 2,
"infoVulnCount": 0,
"lowVulnCount": 0,
"mediumVulnCount": 0,
"highVulnCount": 0,
"criticalVulnCount": 0,
"totalVulnCount": 0,
"name": "TEST 123",
"applications": []
}
}{
"message": "Team Lookup failed.",
"success": false,
"responseCode": -1,
"object": null
}{
"message": "No team found with name 'TET123'",
"success": false,
"responseCode": -1,
"object": null
}{
"message": "",
"success": true,
"responseCode": -1,
"object": [
{
"id": 11,
"infoVulnCount": 0,
"lowVulnCount": 0,
"mediumVulnCount": 0,
"highVulnCount": 0,
"criticalVulnCount": 0,
"totalVulnCount": 0,
"name": "Team 1",
"applications": [
]
},
{
"id": 4,
"infoVulnCount": 16,
"lowVulnCount": 60,
"mediumVulnCount": 2,
"highVulnCount": 6,
"criticalVulnCount": 0,
"totalVulnCount": 84,
"name": "Team 2",
"applications": [
{
"id": 4,
"name": "Test 1"
}
]
}
]
}{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 1,
"name": "Test App 1",
"url": "http://example.com",
"uniqueId": null,
"applicationCriticality": {
"id": 1,
"name": "Low"
},
"grcApplication": null,
"scans": null,
"infoVulnCount": 0,
"lowVulnCount": 0,
"mediumVulnCount": 0,
"highVulnCount": 0,
"criticalVulnCount": 0,
"totalVulnCount": 0,
"waf": null,
"organization": {
"id": 1,
"name": "TEST 123"
}
}
}{
"message": "New Team creation failed.",
"success": false,
"responseCode": -1,
"object": null
}{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 1,
"name": "Test App 1",
"url": "http://example.com",
"uniqueId": null,
"applicationCriticality": {
"id": 1,
"name": "Low"
},
"grcApplication": null,
"scans": null,
"infoVulnCount": 0,
"lowVulnCount": 0,
"mediumVulnCount": 0,
"highVulnCount": 0,
"criticalVulnCount": 0,
"totalVulnCount": 0,
"waf": null,
"organization": {
"id": 1,
"name": "TEST 123"
}
}
}{
"message": "Application lookup failed. Check your ID.",
"success": false,
"responseCode": -1,
"object": null
}{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 1,
"name": "Test App 1",
"url": "http://example.com",
"uniqueId": null,
"applicationCriticality": {
"id": 1,
"name": "Low"
},
"grcApplication": null,
"scans": null,
"infoVulnCount": 0,
"lowVulnCount": 0,
"mediumVulnCount": 0,
"highVulnCount": 0,
"criticalVulnCount": 0,
"totalVulnCount": 0,
"waf": null,
"organization": {
"id": 1,
"name": "TEST 123"
}
}
}{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 4,
"name": "Test Name 1",
"url": null,
"uniqueId": null,
"applicationCriticality": {
"id": 1,
"name": "Low"
},
"grcApplication": null,
"scans": [],
"infoVulnCount": 0,
"lowVulnCount": 0,
"mediumVulnCount": 0,
"highVulnCount": 0,
"criticalVulnCount": 0,
"totalVulnCount": 0,
"waf": {
"id": 1,
"name": "DG mod_security"
},
"organization": {
"id": 2,
"name": "TEST 123"
}
}
}{
"message": "WAF lookup failed. Check your ID.",
"success": false,
"responseCode": -1,
"object": null
}{
"message": "Application lookup failed. Check your ID.",
"success": false,
"responseCode": -1,
"object": null
}{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 4,
"name": "Test App 1",
"url": "http://www.example-url.com",
"uniqueId": null,
"applicationCriticality": {
"id": 1,
"name": "Low"
},
"grcApplication": null,
"scans": [],
"infoVulnCount": 0,
"lowVulnCount": 0,
"mediumVulnCount": 0,
"highVulnCount": 0,
"criticalVulnCount": 0,
"totalVulnCount": 0,
"waf": {
"id": 1,
"name": "DG mod_security"
},
"organization": {
"id": 2,
"name": "TEST 123"
}
}
}{
"message": "Application lookup failed. Check your ID.",
"success": false,
"responseCode": -1,
"object": null
}{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 56,
"importTime": 1401977632000,
"numberClosedVulnerabilities": 0,
"numberNewVulnerabilities": 84,
"numberOldVulnerabilities": 0,
"numberResurfacedVulnerabilities": 0,
"numberTotalVulnerabilities": 84,
"numberRepeatResults": 0,
"numberRepeatFindings": 0,
"numberInfoVulnerabilities": 16,
"numberLowVulnerabilities": 60,
"numberMediumVulnerabilities": 2,
"numberHighVulnerabilities": 6,
"numberCriticalVulnerabilities": 0,
"findings": [
{
"id": 4702,
"longDescription": null,
"attackString": "\"><script>alert(1);</script>",
"attackRequest": null,
"attackResponse": null,
"nativeId": "e66d13c89218d65c07a6ae237a4e37ff",
"displayId": null,
"surfaceLocation": {
"id": 4702,
"parameter": "uid",
"path": "/bank/login.aspx"
},
"sourceFileLocation": null,
"dataFlowElements": null,
"calculatedUrlPath": "/bank/login.aspx",
"calculatedFilePath": "",
"dependency": null,
"severity": "3",
"vulnerabilityType": "Cross Site Scripting (Reflected)"
},
{
"id": 4703,
"longDescription": null,
"attackString": "",
"attackRequest": null,
"attackResponse": null,
"nativeId": "413d050c830daf7ccb4248efb369da36",
"displayId": null,
"surfaceLocation": {
"id": 4703,
"parameter": null,
"path": "/images/icon_top.gif"
},
"sourceFileLocation": null,
"dataFlowElements": null,
"calculatedUrlPath": "/images/icon_top.gif",
"calculatedFilePath": "",
"dependency": null,
"severity": "1",
"vulnerabilityType": "X-Content-Type-Options header missing"
} // the rest omitted for brevity
],
"scannerName": "OWASP Zed Attack Proxy"
}
}{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 2,
"name": "Example WAF",
"wafTypeName": "mod_security",
"applications": []
}
}{
"message": "New WAF creation failed.",
"success": false,
"responseCode": -1,
"object": null
}{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"id": 2,
"name": "Example WAF",
"wafTypeName": "mod_security",
"applications": []
}
}{
"message": "WAF Lookup failed.",
"success": false,
"responseCode": -1,
"object": null
}{
"message": "",
"success": true,
"responseCode": -1,
"object": [
{
"id": 24,
"name": "Sample WAF 1",
"applications": [
{
"id": 75,
"name": "App 2"
}
],
"wafTypeName": "Snort"
},
{
"id": 25,
"name": "Sample WAF 2",
"applications": [
{
"id": 76,
"name": "App 6"
}
],
"wafTypeName": "Snort"
}
]
}