@itentialopensource/adapter-owasp_zap

This adapter integrates with system described as: zapper.

openapi: 3.0.0
info:
  title: zapper
  contact: {}
  version: '1.0.0'
servers:
- url: http://localhost:8080/
  description: ''
  variables: {}
paths:
  /JSON/spider/action/scan/:
    get:
      summary: '# To start the Ajax Spider'
      description: >
        # To start the Ajax Spider
      operationId: '#TostarttheAjaxSpider'
      parameters:
      - name: apikey
        in: query
        description: apikey of zap
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: url
        in: query
        description: target url
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/context/action/newContext/:
    get:
      summary: Create a new context for auth.
      description: Create a new context for auth.
      operationId: Createanewcontextforauth.
      parameters:
      - name: apikey
        in: query
        description: ZAP API key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: contextName
        in: query
        description: Context name
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/context/view/contextList/:
    get:
      summary: Get the list of available contexts
      description: Get the list of available contexts
      operationId: Getthelistofavailablecontexts
      parameters:
      - name: apikey
        in: query
        description: Zap API key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/context/view/context/:
    get:
      summary: View context details
      description: View context details
      operationId: Viewcontextdetails
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: contextName
        in: query
        description: Name of the context
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/sessionManagement/view/getSessionManagementMethod/:
    get:
      summary: Gets the name of the session management method for the context with the given ID.
      description: >+
        Gets the name of the session management method for the context with the given ID.

      operationId: GetsthenameofthesessionmanagementmethodforthecontextwiththegivenID.
      parameters:
      - name: contextId
        in: query
        description: contextId used
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/sessionManagement/view/getSupportedSessionManagementMethods/:
    get:
      summary: Gets the name of the session management methods.
      description: >
        Gets the name of the session management methods.
      operationId: Getsthenameofthesessionmanagementmethods.
      parameters:
      - name: apikey
        in: query
        description: Zap api key.
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/sessionManagement/action/setSessionManagementMethod/:
    get:
      summary: Sets the session management method for the context with the given ID.
      description: >+
        Sets the session management method for the context with the given ID.

      operationId: SetsthesessionmanagementmethodforthecontextwiththegivenID.
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: contextId
        in: query
        description: ContextID used
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: methodName
        in: query
        description: session method type
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/authentication/view/getSupportedAuthenticationMethods/:
    get:
      summary: Gets the list of supported authentication methods.
      description: Gets the list of supported authentication methods.
      operationId: Getsthelistofsupportedauthenticationmethods.
      parameters:
      - name: apikey
        in: query
        description: Zap api key.
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/authentication/view/getAuthenticationMethod/:
    get:
      summary: Gets the name of the authentication method for the context with the given ID.
      description: >+
        Gets the name of the authentication method for the context with the given ID.

      operationId: GetsthenameoftheauthenticationmethodforthecontextwiththegivenID.
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: contextId
        in: query
        description: contextID used
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/authentication/action/setAuthenticationMethod/:
    get:
      summary: Sets the authentication method for the context with the given ID.
      description: >+
        Sets the authentication method for the context with the given ID.

      operationId: SetstheauthenticationmethodforthecontextwiththegivenID.
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: contextId
        in: query
        description: Used context
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: authMethodName
        in: query
        description: Required method name
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: authMethodConfigParams
        in: query
        description: >-
          used when forbased auth is selected
          loginUrl=http%3A%2F%2Flocalhost:3000%2Flogin%2F&loginRequestData=username%3D%7B%admin@pronghorn%25%7D%26password%3D%7B%admin%25%7D
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/authentication/action/setLoggedInIndicator/:
    get:
      summary: Sets the logged in indicator for the context with the given ID.
      description: >+
        Sets the logged in indicator for the context with the given ID.

      operationId: SetstheloggedinindicatorforthecontextwiththegivenID.
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: contextId
        in: query
        description: Used contextID
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: loggedInIndicatorRegex
        in: query
        description: "Used regex for logged in indicator\n\nex: \n\\Q<a id=\"logout\" tabindex=\"0\" role=\"button\" class=\"logout\">\\E"
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/authentication/action/setLoggedOutIndicator/:
    get:
      summary: Sets Logged out indicator
      description: Sets Logged out indicator
      operationId: SetsLoggedoutindicator
      parameters:
      - name: apikey
        in: query
        description: zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: loggedOutIndicatorRegex
        in: query
        description: >-
          Logged out indicator regex
          ex: \QYou have successfully logged out.\E
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: contextId
        in: query
        description: Used contextId
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/users/view/usersList/:
    get:
      summary: Gets a list of users that belong to the context with the given ID, or all users if none provided.
      description: >+
        Gets a list of users that belong to the context with the given ID, or all users if none provided.

      operationId: GetsalistofusersthatbelongtothecontextwiththegivenID,orallusersifnoneprovided.
      parameters:
      - name: contextId
        in: query
        description: Used contextId
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/users/view/getUserById/:
    get:
      summary: Gets the data of the user with the given ID that belongs to the context with the given ID.
      description: >+
        Gets the data of the user with the given ID that belongs to the context with the given ID.

      operationId: GetsthedataoftheuserwiththegivenIDthatbelongstothecontextwiththegivenID.
      parameters:
      - name: contextId
        in: query
        description: Used contextID
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: userId
        in: query
        description: userID
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/users/action/setUserName/:
    get:
      summary: Renames the user with the given ID that belongs to the context with the given ID.
      description: >+
        Renames the user with the given ID that belongs to the context with the given ID.

      operationId: RenamestheuserwiththegivenIDthatbelongstothecontextwiththegivenID.
      parameters:
      - name: contextId
        in: query
        description: Used contextId
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: userId
        in: query
        description: userId
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: name
        in: query
        description: name of the user
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/users/action/setAuthenticationCredentials/:
    get:
      summary: Sets the authentication credentials for the user with the given ID
      description: >+
        Sets the authentication credentials for the user with the given ID that belongs to the context with the given ID.

      operationId: SetstheauthenticationcredentialsfortheuserwiththegivenID
      parameters:
      - name: contextId
        in: query
        description: Used contextId
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: userId
        in: query
        description: User ID
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: authCredentialsConfigParams
        in: query
        description: auth credentials
        required: true
        style: form
        explode: true
        schema:
          type: string
          example: username=admin@pronghorn&&password=admin
        examples:
          example:
            value: username=admin@pronghorn&&password=admin
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/users/action/removeUser/:
    get:
      summary: Removes the user with the given ID that belongs to the context with the given ID.
      description: >+
        Removes the user with the given ID that belongs to the context with the given ID.

      operationId: RemovestheuserwiththegivenIDthatbelongstothecontextwiththegivenID.
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: contextId
        in: query
        description: used contextId
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: userId
        in: query
        description: UserId
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/context/action/includeInContext/:
    get:
      summary: Include regex to context
      description: >+
        Include regex to context

      operationId: Includeregextocontext
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: contextName
        in: query
        description: context name
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: regex
        in: query
        description: >-
          Required regex
          For ex: http://localhost:3000.*
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/context/action/excludeFromContext/:
    get:
      summary: Include regex to context1
      description: >+
        Include regex to context

      operationId: Includeregextocontext1
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: contextName
        in: query
        description: context name
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: regex
        in: query
        description: >-
          Required regex
          For ex: http://localhost:3000.*
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/ascan/action/scan/:
    get:
      summary: Runs the active scanner
      description: Runs the active scanner against the given URL and/or Context. Optionally, the 'recurse' parameter can be used to scan URLs under the given URL, the parameter 'inScopeOnly' can be used to constrain the scan to URLs that are in scope (ignored if a Context is specified), the parameter 'scanPolicyName' allows to specify the scan policy (if none is given it uses the default scan policy), the parameters 'method' and 'postData' allow to select a given request in conjunction with the given URL.
      operationId: Runstheactivescanner
      parameters:
      - name: url
        in: query
        description: Target url. It is ignored if context is specified
        style: form
        explode: true
        schema:
          type: string
      - name: recurse
        in: query
        description: If you select ‘Recurse’ then all of the nodes underneath the one selected will also be scanned.
        style: form
        explode: true
        schema:
          type: boolean
      - name: inScopeOnly
        in: query
        description: The parameter 'inScopeOnly' can be used to constrain the scan to URLs that are in scope (ignored if a Context is specified)
        style: form
        explode: true
        schema:
          type: boolean
      - name: scanPolicyName
        in: query
        description: Allows to specify the scan policy (if none is given it uses the default scan policy)
        style: form
        explode: true
        schema:
          type: string
      - name: postData
        in: query
        description: Key value pairs in the request POST data.
        style: form
        explode: true
        schema:
          type: string
      - name: contextId
        in: query
        description: Used context ID
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/ascan/action/addScanPolicy/:
    get:
      summary: Add scan policy
      description: Add scan policy
      operationId: Addscanpolicy
      parameters:
      - name: scanPolicyName
        in: query
        description: scan policy name
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: alertThreshold
        in: query
        description: Alert threshold
        style: form
        explode: true
        schema:
          type: string
      - name: attackStrength
        in: query
        description: attack strength
        style: form
        explode: true
        schema:
          type: string
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/ascan/action/updateScanPolicy/:
    get:
      summary: Update scan policy
      description: Update scan policy
      operationId: Updatescanpolicy
      parameters:
      - name: scanPolicyName
        in: query
        description: scan policy name
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: alertThreshold
        in: query
        description: Alert threshold
        style: form
        explode: true
        schema:
          type: string
      - name: attackStrength
        in: query
        description: attack strength
        style: form
        explode: true
        schema:
          type: string
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/ascan/view/scanPolicyNames/:
    get:
      summary: Scan policies names
      description: Scan policies names
      operationId: Scanpoliciesnames
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/ascan/view/scanners/:
    get:
      summary: List of active scanners
      description: 'List of active scanners '
      operationId: Listofactivescanners
      parameters:
      - name: scanPolicyName
        in: query
        description: Scan policy name
        style: form
        explode: true
        schema:
          type: string
      - name: policyId
        in: query
        description: Policy ID
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/ascan/view/policies/:
    get:
      summary: List of active policies
      description: 'List of active policies '
      operationId: Listofactivepolicies
      parameters:
      - name: scanPolicyName
        in: query
        description: Scan policy name
        style: form
        explode: true
        schema:
          type: string
      - name: policyId
        in: query
        description: Policy ID
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/pscan/action/enableAllScanners/:
    get:
      summary: Enable all the passive scanners
      description: Enable all the passive scanners
      operationId: Enableallthepassivescanners
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/pscan/action/disableAllScanners/:
    get:
      summary: Disable all the passive scanners
      description: Disable all the passive scanners
      operationId: Disableallthepassivescanners
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/pscan/view/scanners/:
    get:
      summary: List pf passive scanners
      description: List of passive scanners
      operationId: Listpfpassivescanners
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/alert/view/alert/:
    get:
      summary: Gets the alert with the given ID
      description: Gets the alert with the given ID, the corresponding HTTP message can be obtained with the 'messageId' field and 'message' API method
      operationId: GetsthealertwiththegivenID
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: id
        in: query
        description: alert id
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/alert/view/alerts/:
    get:
      summary: Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position and 'count' of alerts
      description: >+
        Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position and 'count' of alerts

      operationId: GetsthealertsraisedbyZAP,optionallyfilteringbyURLorriskId,andpaginatingwith'start'positionand'count'ofalerts
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: baseurl
        in: query
        description: base url like http://localhost:3000
        style: form
        explode: true
        schema:
          type: string
      - name: start
        in: query
        description: ''
        style: form
        explode: true
        schema:
          type: string
      - name: count
        in: query
        description: ''
        style: form
        explode: true
        schema:
          type: string
      - name: riskId
        in: query
        description: ''
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/alert/view/alertsSummary:
    get:
      summary: Gets number of alerts grouped by each risk level, optionally filtering by URL
      description: >+
        Gets number of alerts grouped by each risk level, optionally filtering by URL

      operationId: Getsnumberofalertsgroupedbyeachrisklevel,optionallyfilteringbyURL
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: baseurl
        in: query
        description: 'baseurl like : http://localhost:3000'
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/alert/view/alertCountsByRisk/:
    get:
      summary: Gets a count of the alerts, optionally filtered as per alertsPerRisk
      description: >+
        Gets a count of the alerts, optionally filtered as per alertsPerRisk

      operationId: Getsacountofthealerts,optionallyfilteredasperalertsPerRisk
      parameters:
      - name: url
        in: query
        description: url
        style: form
        explode: true
        schema:
          type: string
      - name: recurse
        in: query
        description: ''
        style: form
        explode: true
        schema:
          type: string
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/stats/view/siteStats/:
    get:
      summary: Gets all of the global statistics, optionally filtered by a key prefix
      description: >+
        Gets all of the global statistics, optionally filtered by a key prefix

      operationId: Getsalloftheglobalstatistics,optionallyfilteredbyakeyprefix
      parameters:
      - name: site
        in: query
        description: site like http://localhost:3000
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: keyPrefix
        in: query
        description: keyPrefix
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/users/action/newUser/:
    get:
      summary: Creates a new user with the given name for the context with the given ID.
      description: >+
        Creates a new user with the given name for the context with the given ID.

      operationId: CreatesanewuserwiththegivennameforthecontextwiththegivenID.
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: contextId
        in: query
        description: contextid used
        required: true
        style: form
        explode: true
        schema:
          type: string
      - name: name
        in: query
        description: new username
        required: true
        style: form
        explode: true
        schema:
          type: string
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
  /JSON/alertFilter/view/alertFilterList/:
    get:
      summary: Lists the alert filters of the context with the given ID.
      description: Lists the alert filters of the context with the given ID.
      operationId: ListsthealertfiltersofthecontextwiththegivenID.
      parameters:
      - name: apikey
        in: query
        description: Zap api key
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      - name: contextId
        in: query
        description: used context
        required: true
        style: form
        explode: true
        schema:
          type: integer
          format: int32
      responses:
        '200':
          description: Valid Response
          headers: {}
          content: {}
      deprecated: false
tags: []