In order to scan a REST API of a web application, please follow these steps.
- Login to Security Center.
- Click Asset Manager in the main menu.
- Click Web applications.
- Choose Add webb application.
- Under General information add the API root URL under Target and set a name under Application name.
- Verify the swagger documentation with http://editor.swagger.io/ (external link) that there is no errors.
- Click REST API scanning in the window menu.
- Add the Open API 2.0 path for the specification documentation for your REST API (which may be represented either in JSON or YAML format).
- Click OK to save.
- Done!
Please notice that the domain of the Open API URL is required to match the target URL domain.
0 Comments