{"files":{"SKILL.md":"---\nname: insightappsec-api\ndescription: \"InsightAppSec API skill. Use when working with InsightAppSec for apps, attack-templates, blackouts. Covers 102 endpoints.\"\nversion: 1.0.0\ngenerator: lapsh\n---\n\n# InsightAppSec API\nAPI version: v1\n\n## Auth\nApiKey (inferred from docs)\n\n## Base URL\nhttps://[region].api.insight.rapid7.com/ias/v1\n\n## Setup\n1. Set your API key in the appropriate header\n2. GET /apps -- get apps\n3. POST /apps -- create first app\n\n## Endpoints\n102 endpoints across 14 groups. See references/api-spec.lap for full details.\n\n### Apps\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /apps | Get Apps |\n| POST | /apps | Create App |\n| GET | /apps/{app-id} | Get App |\n| PUT | /apps/{app-id} | Update App |\n| DELETE | /apps/{app-id} | Delete App |\n| GET | /apps/{app-id}/files | Get Files |\n| POST | /apps/{app-id}/files | Create File |\n| GET | /apps/{app-id}/files/{file-id} | Get File |\n| PUT | /apps/{app-id}/files/{file-id} | Update File |\n| POST | /apps/{app-id}/files/{file-id} | Upload File Content |\n| DELETE | /apps/{app-id}/files/{file-id} | Delete File |\n| GET | /apps/{app-id}/tags | Get App Tags |\n| POST | /apps/{app-id}/tags | Add App Tag |\n| DELETE | /apps/{app-id}/tags/{tag-id} | Remove App Tag |\n| GET | /apps/{app-id}/users | Get App Users |\n| POST | /apps/{app-id}/users | Add App User |\n| DELETE | /apps/{app-id}/users/{user-id} | Remove App User |\n\n### Attack-templates\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /attack-templates | Get Attack Templates |\n| POST | /attack-templates | Create Attack Template |\n| GET | /attack-templates/module-configs | Get Attack Modules Configs |\n| GET | /attack-templates/{attack-template-id} | Get Attack Template |\n| PUT | /attack-templates/{attack-template-id} | Update Attack Template |\n| DELETE | /attack-templates/{attack-template-id} | Delete Attack Template |\n| GET | /attack-templates/{attack-template-id}/modules | Get Attack Modules |\n| POST | /attack-templates/{attack-template-id}/modules | Create Attack Module |\n| PUT | /attack-templates/{attack-template-id}/modules/{attack-module-id} | Update Attack Module |\n| DELETE | /attack-templates/{attack-template-id}/modules/{attack-module-id} | Delete Attack Module |\n\n### Blackouts\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /blackouts | Get Blackouts |\n| POST | /blackouts | Create Blackout |\n| GET | /blackouts/{blackout-id} | Get Blackout |\n| PUT | /blackouts/{blackout-id} | Update Blackout |\n| DELETE | /blackouts/{blackout-id} | Delete Blackout |\n\n### Engine-groups\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /engine-groups | Get Engine Groups |\n| POST | /engine-groups | Create Engine Group |\n| GET | /engine-groups/{engine-group-id} | Get Engine Group |\n| PUT | /engine-groups/{engine-group-id} | Update Engine Group |\n| DELETE | /engine-groups/{engine-group-id} | Delete Engine Group |\n| GET | /engine-groups/{engine-group-id}/engines | Get Engine Group Engines |\n\n### Engines\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /engines | Get Engines |\n| POST | /engines | Create Engine |\n| GET | /engines/{engine-id} | Get Engine |\n| PUT | /engines/{engine-id} | Update Engine |\n| DELETE | /engines/{engine-id} | Delete Engine |\n| GET | /engines/{engine-id}/credential | Get Engine Credential |\n| PUT | /engines/{engine-id}/credential | Regenerate Engine Credential |\n| DELETE | /engines/{engine-id}/credential | Delete Engine Credential |\n| POST | /engines/{engine-id}/upgrade | Upgrade Engine |\n\n### Modules\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /modules | Get Modules |\n| GET | /modules/{module-id} | Get Module |\n| GET | /modules/{module-id}/attacks/{attack-id} | Get Attack |\n| GET | /modules/{module-id}/attacks/{attack-id}/documentation | Get Attack Documentation |\n\n### Reports\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /reports | Get Reports |\n| POST | /reports | Generate Report |\n| GET | /reports/{report-id} | Get Report |\n| DELETE | /reports/{report-id} | Delete Report |\n\n### Scan-configs\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /scan-configs | Get Scan Configs |\n| POST | /scan-configs | Create Scan Config |\n| GET | /scan-configs/options/default | Get Scan Configs Options Default |\n| GET | /scan-configs/{scan-config-id} | Get Scan Config |\n| PUT | /scan-configs/{scan-config-id} | Update Scan Config |\n| DELETE | /scan-configs/{scan-config-id} | Delete Scan Config |\n| GET | /scan-configs/{scan-config-id}/options | Get Scan Config Options |\n| PUT | /scan-configs/{scan-config-id}/options | Update Scan Config Options |\n| PATCH | /scan-configs/{scan-config-id}/options | Patch Scan Config Options |\n\n### Scans\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /scans | Get Scans |\n| POST | /scans | Submit Scan |\n| GET | /scans/{scan-id} | Get Scan |\n| DELETE | /scans/{scan-id} | Delete Scan |\n| GET | /scans/{scan-id}/action | Get Scan Action |\n| PUT | /scans/{scan-id}/action | Submit Scan Action |\n| GET | /scans/{scan-id}/engine-events | Get Scan Engine Events |\n| GET | /scans/{scan-id}/execution-details | Get Scan Execution Details |\n| GET | /scans/{scan-id}/platform-events | Get Scan Platform Events |\n\n### Schedules\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /schedules | Get Schedules |\n| POST | /schedules | Create Schedule |\n| GET | /schedules/{schedule-id} | Get Schedule |\n| PUT | /schedules/{schedule-id} | Update Schedule |\n| DELETE | /schedules/{schedule-id} | Delete Schedule |\n\n### Search\n| Method | Path | Description |\n|--------|------|-------------|\n| POST | /search | Perform Search |\n\n### Tags\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /tags | Get Tags |\n| POST | /tags | Create Tag |\n| GET | /tags/{tag-id} | Get Tag |\n| PUT | /tags/{tag-id} | Update Tag |\n| DELETE | /tags/{tag-id} | Delete Tag |\n\n### Targets\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /targets | Get Targets |\n| POST | /targets | Create Target |\n| GET | /targets/{target-id} | Get Target |\n| PUT | /targets/{target-id} | Update Target |\n| DELETE | /targets/{target-id} | Delete Target |\n\n### Vulnerabilities\n| Method | Path | Description |\n|--------|------|-------------|\n| GET | /vulnerabilities | Get Vulnerabilities |\n| POST | /vulnerabilities/variances/documentation | Get Vulnerability Variances Documentation |\n| GET | /vulnerabilities/{vuln-id} | Get Vulnerability |\n| PUT | /vulnerabilities/{vuln-id} | Update Vulnerability |\n| GET | /vulnerabilities/{vuln-id}/comments | Get Vulnerability Comments |\n| POST | /vulnerabilities/{vuln-id}/comments | Create Vulnerability Comment |\n| GET | /vulnerabilities/{vuln-id}/comments/{comment-id} | Get Vulnerability Comment |\n| PUT | /vulnerabilities/{vuln-id}/comments/{comment-id} | Update Vulnerability Comment |\n| DELETE | /vulnerabilities/{vuln-id}/comments/{comment-id} | Delete Vulnerability Comment |\n| GET | /vulnerabilities/{vuln-id}/discoveries | Get Vulnerability Discoveries |\n| GET | /vulnerabilities/{vuln-id}/discoveries/{vuln-discovery-id} | Get Vulnerability Discovery |\n| GET | /vulnerabilities/{vuln-id}/history | Get Vulnerability History |\n| GET | /vulnerabilities/{vuln-id}/variances/{variance-id}/documentation | Get Vulnerability Variance Documentation |\n\n## Common Questions\nMatch user requests to endpoints in references/api-spec.lap. Key patterns:\n- \"List all apps?\" -> GET /apps\n- \"Create a app?\" -> POST /apps\n- \"Get app details?\" -> GET /apps/{app-id}\n- \"Update a app?\" -> PUT /apps/{app-id}\n- \"Delete a app?\" -> DELETE /apps/{app-id}\n- \"List all files?\" -> GET /apps/{app-id}/files\n- \"Create a file?\" -> POST /apps/{app-id}/files\n- \"Get file details?\" -> GET /apps/{app-id}/files/{file-id}\n- \"Update a file?\" -> PUT /apps/{app-id}/files/{file-id}\n- \"Delete a file?\" -> DELETE /apps/{app-id}/files/{file-id}\n- \"List all tags?\" -> GET /apps/{app-id}/tags\n- \"Create a tag?\" -> POST /apps/{app-id}/tags\n- \"Delete a tag?\" -> DELETE /apps/{app-id}/tags/{tag-id}\n- \"List all users?\" -> GET /apps/{app-id}/users\n- \"Create a user?\" -> POST /apps/{app-id}/users\n- \"Delete a user?\" -> DELETE /apps/{app-id}/users/{user-id}\n- \"List all attack-templates?\" -> GET /attack-templates\n- \"Create a attack-template?\" -> POST /attack-templates\n- \"List all module-configs?\" -> GET /attack-templates/module-configs\n- \"Get attack-template details?\" -> GET /attack-templates/{attack-template-id}\n- \"Update a attack-template?\" -> PUT /attack-templates/{attack-template-id}\n- \"Delete a attack-template?\" -> DELETE /attack-templates/{attack-template-id}\n- \"List all modules?\" -> GET /attack-templates/{attack-template-id}/modules\n- \"Create a module?\" -> POST /attack-templates/{attack-template-id}/modules\n- \"Update a module?\" -> PUT /attack-templates/{attack-template-id}/modules/{attack-module-id}\n- \"Delete a module?\" -> DELETE /attack-templates/{attack-template-id}/modules/{attack-module-id}\n- \"List all blackouts?\" -> GET /blackouts\n- \"Create a blackout?\" -> POST /blackouts\n- \"Get blackout details?\" -> GET /blackouts/{blackout-id}\n- \"Update a blackout?\" -> PUT /blackouts/{blackout-id}\n- \"Delete a blackout?\" -> DELETE /blackouts/{blackout-id}\n- \"List all engine-groups?\" -> GET /engine-groups\n- \"Create a engine-group?\" -> POST /engine-groups\n- \"Get engine-group details?\" -> GET /engine-groups/{engine-group-id}\n- \"Update a engine-group?\" -> PUT /engine-groups/{engine-group-id}\n- \"Delete a engine-group?\" -> DELETE /engine-groups/{engine-group-id}\n- \"List all engines?\" -> GET /engine-groups/{engine-group-id}/engines\n- \"Create a engine?\" -> POST /engines\n- \"Get engine details?\" -> GET /engines/{engine-id}\n- \"Update a engine?\" -> PUT /engines/{engine-id}\n- \"Delete a engine?\" -> DELETE /engines/{engine-id}\n- \"List all credential?\" -> GET /engines/{engine-id}/credential\n- \"Create a upgrade?\" -> POST /engines/{engine-id}/upgrade\n- \"Get module details?\" -> GET /modules/{module-id}\n- \"Get attack details?\" -> GET /modules/{module-id}/attacks/{attack-id}\n- \"List all documentation?\" -> GET /modules/{module-id}/attacks/{attack-id}/documentation\n- \"List all reports?\" -> GET /reports\n- \"Create a report?\" -> POST /reports\n- \"Get report details?\" -> GET /reports/{report-id}\n- \"Delete a report?\" -> DELETE /reports/{report-id}\n- \"List all scan-configs?\" -> GET /scan-configs\n- \"Create a scan-config?\" -> POST /scan-configs\n- \"List all default?\" -> GET /scan-configs/options/default\n- \"Get scan-config details?\" -> GET /scan-configs/{scan-config-id}\n- \"Update a scan-config?\" -> PUT /scan-configs/{scan-config-id}\n- \"Delete a scan-config?\" -> DELETE /scan-configs/{scan-config-id}\n- \"List all options?\" -> GET /scan-configs/{scan-config-id}/options\n- \"List all scans?\" -> GET /scans\n- \"Create a scan?\" -> POST /scans\n- \"Get scan details?\" -> GET /scans/{scan-id}\n- \"Delete a scan?\" -> DELETE /scans/{scan-id}\n- \"List all action?\" -> GET /scans/{scan-id}/action\n- \"List all engine-events?\" -> GET /scans/{scan-id}/engine-events\n- \"List all execution-details?\" -> GET /scans/{scan-id}/execution-details\n- \"List all platform-events?\" -> GET /scans/{scan-id}/platform-events\n- \"List all schedules?\" -> GET /schedules\n- \"Create a schedule?\" -> POST /schedules\n- \"Get schedule details?\" -> GET /schedules/{schedule-id}\n- \"Update a schedule?\" -> PUT /schedules/{schedule-id}\n- \"Delete a schedule?\" -> DELETE /schedules/{schedule-id}\n- \"Create a search?\" -> POST /search\n- \"Get tag details?\" -> GET /tags/{tag-id}\n- \"Update a tag?\" -> PUT /tags/{tag-id}\n- \"List all targets?\" -> GET /targets\n- \"Create a target?\" -> POST /targets\n- \"Get target details?\" -> GET /targets/{target-id}\n- \"Update a target?\" -> PUT /targets/{target-id}\n- \"Delete a target?\" -> DELETE /targets/{target-id}\n- \"List all vulnerabilities?\" -> GET /vulnerabilities\n- \"Create a documentation?\" -> POST /vulnerabilities/variances/documentation\n- \"Get vulnerability details?\" -> GET /vulnerabilities/{vuln-id}\n- \"Update a vulnerability?\" -> PUT /vulnerabilities/{vuln-id}\n- \"List all comments?\" -> GET /vulnerabilities/{vuln-id}/comments\n- \"Create a comment?\" -> POST /vulnerabilities/{vuln-id}/comments\n- \"Get comment details?\" -> GET /vulnerabilities/{vuln-id}/comments/{comment-id}\n- \"Update a comment?\" -> PUT /vulnerabilities/{vuln-id}/comments/{comment-id}\n- \"Delete a comment?\" -> DELETE /vulnerabilities/{vuln-id}/comments/{comment-id}\n- \"List all discoveries?\" -> GET /vulnerabilities/{vuln-id}/discoveries\n- \"Get discovery details?\" -> GET /vulnerabilities/{vuln-id}/discoveries/{vuln-discovery-id}\n- \"List all history?\" -> GET /vulnerabilities/{vuln-id}/history\n- \"How to authenticate?\" -> See Auth section above\n\n## Response Tips\n- Check response schemas in references/api-spec.lap for field details\n- Create/update endpoints return the modified resource on success\n- Error responses include status codes and descriptions in the spec\n\n## References\n- Full spec: See references/api-spec.lap for complete endpoint details, parameter tables, and response schemas\n\n> Generated from the official API spec by [LAP](https://lap.sh)\n","references/api-spec.lap":"@lap v0.3\n# Machine-readable API spec. Each @endpoint block is one API call.\n@api InsightAppSec API\n@base https://[region].api.insight.rapid7.com/ias/v1\n@version v1\n@auth ApiKey (inferred from docs)\n@endpoints 102\n@hint download_for_search\n@toc apps(17), attack-templates(10), blackouts(5), engine-groups(6), engines(9), modules(4), reports(4), scan-configs(9), scans(9), schedules(5), search(1), tags(5), targets(5), vulnerabilities(13)\n\n@group apps\n@endpoint GET /apps\n@desc Get Apps\n@optional {index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /apps\n@desc Create App\n@required {name: str # The name of the App}\n@optional {id: str(uuid) # The ID of the App, description: str # The description of the App}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /apps/{app-id}\n@desc Get App\n@required {app-id: str(uuid)}\n@returns(200) {id: str(uuid), name: str, description: str, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /apps/{app-id}\n@desc Update App\n@required {app-id: str(uuid), name: str # The name of the App}\n@optional {id: str(uuid) # The ID of the App, description: str # The description of the App}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /apps/{app-id}\n@desc Delete App\n@required {app-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /apps/{app-id}/files\n@desc Get Files\n@required {app-id: str(uuid)}\n@optional {index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /apps/{app-id}/files\n@desc Create File\n@required {app-id: str(uuid), name: str # The name of the File, type: str(MACRO/RECORDED_TRAFFIC/SELENIUM/WSDL/SWAGGER/CERTIFICATE/GRAPHQL) # The File Type of the File, locked: bool # The Locked property of the File}\n@optional {id: str(uuid) # The ID of the File, description: str # The description of the File, owner: any # The ID of the module, content_available: bool # If the File Content has been uploaded, last_updated_by_user: any # The ID of the module, last_updated: str # The time when the File was last updated}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /apps/{app-id}/files/{file-id}\n@desc Get File\n@required {app-id: str(uuid), file-id: str(uuid)}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /apps/{app-id}/files/{file-id}\n@desc Update File\n@required {app-id: str(uuid), file-id: str(uuid), name: str # The name of the File, type: str(MACRO/RECORDED_TRAFFIC/SELENIUM/WSDL/SWAGGER/CERTIFICATE/GRAPHQL) # The File Type of the File, locked: bool # The Locked property of the File}\n@optional {id: str(uuid) # The ID of the File, description: str # The description of the File, owner: any # The ID of the module, content_available: bool # If the File Content has been uploaded, last_updated_by_user: any # The ID of the module, last_updated: str # The time when the File was last updated}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint POST /apps/{app-id}/files/{file-id}\n@desc Upload File Content\n@required {app-id: str(uuid), file-id: str(uuid)}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /apps/{app-id}/files/{file-id}\n@desc Delete File\n@required {app-id: str(uuid), file-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /apps/{app-id}/tags\n@desc Get App Tags\n@required {app-id: str(uuid)}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /apps/{app-id}/tags\n@desc Add App Tag\n@required {app-id: str(uuid), id: str(uuid)}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /apps/{app-id}/tags/{tag-id}\n@desc Remove App Tag\n@required {app-id: str(uuid), tag-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /apps/{app-id}/users\n@desc Get App Users\n@required {app-id: str(uuid)}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /apps/{app-id}/users\n@desc Add App User\n@required {app-id: str(uuid), id: str(uuid)}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /apps/{app-id}/users/{user-id}\n@desc Remove App User\n@required {app-id: str(uuid), user-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endgroup\n\n@group attack-templates\n@endpoint GET /attack-templates\n@desc Get Attack Templates\n@optional {index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /attack-templates\n@desc Create Attack Template\n@required {name: str # The name of the attack template}\n@optional {id: str(uuid) # The ID of the attack template, description: str # The description of the attack template, system_defined: bool # A read-only flag that indicates if the Attack Template is system-defined (immutable), browser_encoding_enabled: bool # A flag that is used to enforce browser encoding on all attacks, attack_prioritization: str(SEQUENTIAL/SMART/RANDOMIZED) # The Attack Prioritization type, advanced_attacks_enabled: bool # A flag to enable advanced Attacks, false_positive_regex: str # Regex used to indicate a false positive}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /attack-templates/module-configs\n@desc Get Attack Modules Configs\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /attack-templates/{attack-template-id}\n@desc Get Attack Template\n@required {attack-template-id: str(uuid)}\n@returns(200) {id: str(uuid), name: str, description: str, system_defined: bool, browser_encoding_enabled: bool, attack_prioritization: str, advanced_attacks_enabled: bool, false_positive_regex: str, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /attack-templates/{attack-template-id}\n@desc Update Attack Template\n@required {attack-template-id: str(uuid), name: str # The name of the attack template}\n@optional {id: str(uuid) # The ID of the attack template, description: str # The description of the attack template, system_defined: bool # A read-only flag that indicates if the Attack Template is system-defined (immutable), browser_encoding_enabled: bool # A flag that is used to enforce browser encoding on all attacks, attack_prioritization: str(SEQUENTIAL/SMART/RANDOMIZED) # The Attack Prioritization type, advanced_attacks_enabled: bool # A flag to enable advanced Attacks, false_positive_regex: str # Regex used to indicate a false positive}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /attack-templates/{attack-template-id}\n@desc Delete Attack Template\n@required {attack-template-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /attack-templates/{attack-template-id}/modules\n@desc Get Attack Modules\n@required {attack-template-id: str(uuid)}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /attack-templates/{attack-template-id}/modules\n@desc Create Attack Module\n@required {attack-template-id: str(uuid), module_config_id: str(uuid) # The ID of the configuration for the attack module, severity: str(CRITICAL/HIGH/MEDIUM/LOW/INFORMATIONAL/SAFE) # The severity that should be used for this attack module, max_findings: int(int32) # The maximum findings per attack module}\n@optional {id: str(uuid) # The ID of the attack module, enabled: bool # A flag to indicate if this module should be enabled, parameter_locations: [str] # The list of parameter locations for this attack module}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint PUT /attack-templates/{attack-template-id}/modules/{attack-module-id}\n@desc Update Attack Module\n@required {attack-template-id: str(uuid), attack-module-id: str(uuid), module_config_id: str(uuid) # The ID of the configuration for the attack module, severity: str(CRITICAL/HIGH/MEDIUM/LOW/INFORMATIONAL/SAFE) # The severity that should be used for this attack module, max_findings: int(int32) # The maximum findings per attack module}\n@optional {id: str(uuid) # The ID of the attack module, enabled: bool # A flag to indicate if this module should be enabled, parameter_locations: [str] # The list of parameter locations for this attack module}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /attack-templates/{attack-template-id}/modules/{attack-module-id}\n@desc Delete Attack Module\n@required {attack-template-id: str(uuid), attack-module-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endgroup\n\n@group blackouts\n@endpoint GET /blackouts\n@desc Get Blackouts\n@optional {index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /blackouts\n@desc Create Blackout\n@required {name: str # The name of the Blackout, enabled: bool # The enabled property of the Blackout, first_start: str(date-time) # The first start date and time of the Blackout, first_end: str(date-time) # The first end date and time of the Blackout}\n@optional {id: str(uuid) # The ID of the Blackout, scope: str(APP/GLOBAL) # The scope of the Blackout, active: bool # The current active status of the Blackout, app: any # The last editor of the comment, last_start: str(date-time) # The last start date and time of the Blackout, frequency: any # The frequency at which the Blackout applies. Should not be included if a rrule has been provided., rrule: str # The rrule describes how (and if) the blackout should repeat. Should not be included if a frequency has been provided.}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /blackouts/{blackout-id}\n@desc Get Blackout\n@required {blackout-id: str(uuid)}\n@returns(200) {id: str(uuid), name: str, scope: str, enabled: bool, active: bool, app: any, first_start: str(date-time), first_end: str(date-time), last_start: str(date-time), frequency: any, rrule: str, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /blackouts/{blackout-id}\n@desc Update Blackout\n@required {blackout-id: str(uuid), name: str # The name of the Blackout, enabled: bool # The enabled property of the Blackout, first_start: str(date-time) # The first start date and time of the Blackout, first_end: str(date-time) # The first end date and time of the Blackout}\n@optional {id: str(uuid) # The ID of the Blackout, scope: str(APP/GLOBAL) # The scope of the Blackout, active: bool # The current active status of the Blackout, app: any # The last editor of the comment, last_start: str(date-time) # The last start date and time of the Blackout, frequency: any # The frequency at which the Blackout applies. Should not be included if a rrule has been provided., rrule: str # The rrule describes how (and if) the blackout should repeat. Should not be included if a frequency has been provided.}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /blackouts/{blackout-id}\n@desc Delete Blackout\n@required {blackout-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endgroup\n\n@group engine-groups\n@endpoint GET /engine-groups\n@desc Get Engine Groups\n@optional {index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /engine-groups\n@desc Create Engine Group\n@required {name: str # The name of the Engine Group}\n@optional {id: str(uuid) # The ID of the Engine Group, description: str # The description of the Engine Group}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /engine-groups/{engine-group-id}\n@desc Get Engine Group\n@required {engine-group-id: str(uuid)}\n@returns(200) {id: str(uuid), name: str, description: str, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /engine-groups/{engine-group-id}\n@desc Update Engine Group\n@required {engine-group-id: str(uuid), name: str # The name of the Engine Group}\n@optional {id: str(uuid) # The ID of the Engine Group, description: str # The description of the Engine Group}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /engine-groups/{engine-group-id}\n@desc Delete Engine Group\n@required {engine-group-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /engine-groups/{engine-group-id}/engines\n@desc Get Engine Group Engines\n@required {engine-group-id: str(uuid)}\n@optional {index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endgroup\n\n@group engines\n@endpoint GET /engines\n@desc Get Engines\n@required {pageConfig: any}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /engines\n@desc Create Engine\n@required {name: str # The name of the Engine, auto_upgrade: bool # A flag which can be set to mark the Engine for auto upgrade}\n@optional {id: str(uuid) # The ID of the Engine, engine_group: any # The Engine Group the Engine is assigned to, status: str(INITIALIZING/LICENSING/TERMINATING/IDLE/OFFLINE/SCANNING/UPGRADING/PARKED/FAILED) # The status of the Engine, failure_reason: str(TERMINATION_FAILED/INITIALIZATION_FAILED/UPGRADE_FAILED/GENERAL_FAILURE) # The reason the Engine may have failed, latest_version: bool # A read only flag which indicates if the Engine is latest version, upgradeable: bool # A read only flag which indicates if the Engine is capable of upgrading}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /engines/{engine-id}\n@desc Get Engine\n@required {engine-id: str(uuid)}\n@returns(200) {id: str(uuid), name: str, engine_group: any, status: str, failure_reason: str, latest_version: bool, upgradeable: bool, auto_upgrade: bool, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /engines/{engine-id}\n@desc Update Engine\n@required {engine-id: str(uuid), name: str # The name of the Engine, auto_upgrade: bool # A flag which can be set to mark the Engine for auto upgrade}\n@optional {id: str(uuid) # The ID of the Engine, engine_group: any # The Engine Group the Engine is assigned to, status: str(INITIALIZING/LICENSING/TERMINATING/IDLE/OFFLINE/SCANNING/UPGRADING/PARKED/FAILED) # The status of the Engine, failure_reason: str(TERMINATION_FAILED/INITIALIZATION_FAILED/UPGRADE_FAILED/GENERAL_FAILURE) # The reason the Engine may have failed, latest_version: bool # A read only flag which indicates if the Engine is latest version, upgradeable: bool # A read only flag which indicates if the Engine is capable of upgrading}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /engines/{engine-id}\n@desc Delete Engine\n@required {engine-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /engines/{engine-id}/credential\n@desc Get Engine Credential\n@required {engine-id: str(uuid)}\n@returns(200) {api_key: str} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /engines/{engine-id}/credential\n@desc Regenerate Engine Credential\n@required {engine-id: str(uuid)}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /engines/{engine-id}/credential\n@desc Delete Engine Credential\n@required {engine-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /engines/{engine-id}/upgrade\n@desc Upgrade Engine\n@required {engine-id: str(uuid)}\n@returns(202) Accepted\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endgroup\n\n@group modules\n@endpoint GET /modules\n@desc Get Modules\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /modules/{module-id}\n@desc Get Module\n@required {module-id: str(uuid)}\n@returns(200) {id: str(uuid), name: str, description: str} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /modules/{module-id}/attacks/{attack-id}\n@desc Get Attack\n@required {module-id: str(uuid), attack-id: str}\n@returns(200) {id: str, type: str, class: str, description: str} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /modules/{module-id}/attacks/{attack-id}/documentation\n@desc Get Attack Documentation\n@required {module-id: str(uuid), attack-id: str}\n@returns(200) {references: map, description: str, recommendation: str} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endgroup\n\n@group reports\n@endpoint GET /reports\n@desc Get Reports\n@optional {index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /reports\n@desc Generate Report\n@required {name: str # The name of the Report, type: str(VULN_SUMMARY/VULN_REMEDIATION/PCI_COMPLIANCE/PCI4_COMPLIANCE/OWASP_2013_COMPLIANCE/OWASP_2017_COMPLIANCE/OWASP_2021_COMPLIANCE/OWASP_2023API_COMPLIANCE/OWASP_2025_COMPLIANCE/GDPR_2016_COMPLIANCE/SOX_COMPLIANCE/HIPAA_COMPLIANCE/EXEC_SINGLE_APP/EXEC_ALL_APPS/EXEC_SINGLE_APP_NEW_VULNS/EXEC_ALL_APPS_NEW_VULNS/EXEC_SINGLE_APP_ALL_VULNS/EXEC_ALL_APPS_ALL_VULNS) # The type of the Report.EXEC_SINGLE_APP is deprecated. Use EXEC_SINGLE_APP_NEW_VULNS or EXEC_SINGLE_APP_ALL_VULNS instead. EXEC_ALL_APPS is deprecated. Use EXEC_ALL_APPS_NEW_VULNS or EXEC_ALL_APPS_ALL_VULNS instead., format: str(HTML/CSV/PDF) # The format of the Report}\n@optional {scan: any # The Scan associated with the Report, app: any # The App that the Scan is associated with, start: str # The start date range scope for the Report yyyy-mm-dd, end: str # The end date range scope for the Report yyyy-mm-dd, month: str # The month date range scope for the Report yyyy-mm, filter: str # Search-format filter relevant to the Report Type that narrows its scope}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /reports/{report-id}\n@desc Get Report\n@required {report-id: str(uuid)}\n@returns(200) {id: str(uuid), name: str, type: str, format: str, owner: any, generated_date: str(date-time), app: any, status: str, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint DELETE /reports/{report-id}\n@desc Delete Report\n@required {report-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endgroup\n\n@group scan-configs\n@endpoint GET /scan-configs\n@desc Get Scan Configs\n@optional {include-errors: bool=true, index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /scan-configs\n@desc Create Scan Config\n@required {name: str # The name of the Scan Config, app: any # The App that the Scan is associated with, attack_template: any # The attack template that the Scan Config should use}\n@optional {id: str(uuid) # The ID of the Scan Config, description: str # The description of the Scan Config, incremental: bool # A flag to enable incremental scanning, assignment: any # The engine assignment that the Scan should use, errors: [str] # A list of errors that detail any current validation failures}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /scan-configs/options/default\n@desc Get Scan Configs Options Default\n@returns(200) {detailed_logging: bool, display_imminent_license_expiry_message: bool, java_script_engine: str, scan_module_parameter_files_list: [any], crawl_config: any, attacker_config: any, auth_config: any, proxy_config: any, ssl_cert_config: any, network_settings_config: any, performance_config: any, http_headers_config: any, manual_crawling_config: any, parameter_training_config: any, auto_sequence_config: any, macro_config: any, selenium_config: any, web_service_config: any, one_time_token_config: any, parameter_parser_config: any, parameter_value_config: any, chrome_host_config: any, token_replacement_config: any, chatbot_config: any} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /scan-configs/{scan-config-id}\n@desc Get Scan Config\n@required {scan-config-id: str(uuid)}\n@returns(200) {id: str(uuid), name: str, description: str, app: any, attack_template: any, incremental: bool, assignment: any, errors: [str], links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /scan-configs/{scan-config-id}\n@desc Update Scan Config\n@required {scan-config-id: str(uuid), name: str # The name of the Scan Config, app: any # The App that the Scan is associated with, attack_template: any # The attack template that the Scan Config should use}\n@optional {id: str(uuid) # The ID of the Scan Config, description: str # The description of the Scan Config, incremental: bool # A flag to enable incremental scanning, assignment: any # The engine assignment that the Scan should use, errors: [str] # A list of errors that detail any current validation failures}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /scan-configs/{scan-config-id}\n@desc Delete Scan Config\n@required {scan-config-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /scan-configs/{scan-config-id}/options\n@desc Get Scan Config Options\n@required {scan-config-id: str(uuid)}\n@returns(200) {detailed_logging: bool, display_imminent_license_expiry_message: bool, java_script_engine: str, scan_module_parameter_files_list: [any], crawl_config: any, attacker_config: any, auth_config: any, proxy_config: any, ssl_cert_config: any, network_settings_config: any, performance_config: any, http_headers_config: any, manual_crawling_config: any, parameter_training_config: any, auto_sequence_config: any, macro_config: any, selenium_config: any, web_service_config: any, one_time_token_config: any, parameter_parser_config: any, parameter_value_config: any, chrome_host_config: any, token_replacement_config: any, chatbot_config: any} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /scan-configs/{scan-config-id}/options\n@desc Update Scan Config Options\n@required {scan-config-id: str(uuid)}\n@optional {detailed_logging: bool, display_imminent_license_expiry_message: bool, java_script_engine: str(DEFAULT/INTERNET_EXPLORER/CHROME/CHROMIUM), scan_module_parameter_files_list: [any], crawl_config: any, attacker_config: any, auth_config: any, proxy_config: any, ssl_cert_config: any, network_settings_config: any, performance_config: any, http_headers_config: any, manual_crawling_config: any, parameter_training_config: any, auto_sequence_config: any, macro_config: any, selenium_config: any, web_service_config: any, one_time_token_config: any, parameter_parser_config: any, parameter_value_config: any, chrome_host_config: any, token_replacement_config: any, chatbot_config: any}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint PATCH /scan-configs/{scan-config-id}/options\n@desc Patch Scan Config Options\n@required {scan-config-id: str(uuid)}\n@optional {detailed_logging: bool, display_imminent_license_expiry_message: bool, java_script_engine: str(DEFAULT/INTERNET_EXPLORER/CHROME/CHROMIUM), scan_module_parameter_files_list: [any], crawl_config: any, attacker_config: any, auth_config: any, proxy_config: any, ssl_cert_config: any, network_settings_config: any, performance_config: any, http_headers_config: any, manual_crawling_config: any, parameter_training_config: any, auto_sequence_config: any, macro_config: any, selenium_config: any, web_service_config: any, one_time_token_config: any, parameter_parser_config: any, parameter_value_config: any, chrome_host_config: any, token_replacement_config: any, chatbot_config: any}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endgroup\n\n@group scans\n@endpoint GET /scans\n@desc Get Scans\n@optional {index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /scans\n@desc Submit Scan\n@required {scan_config: any # The Scan Config used when the Scan was submitted, must be associated with the App specified for this Scan}\n@optional {id: str(uuid) # The ID of the Scan, app: any # The ID of the module, submitter: any # The submitter of the Scan, submit_time: str # The time the Scan was submitted, completion_time: str # The time the Scan was completed, status: str(PENDING/QUEUED/PROVISIONING/RUNNING/SCANNED/PROCESSED/COMPLETE/PAUSED/BLACKED_OUT/AWAITING_AUTHENTICATION/AUTHENTICATED/PAUSING/RESUMING/STOPPING/CANCELING/AUTHENTICATING/FAILED) # The status of the Scan, failure_reason: str(CANCELED/NETWORK_UNAVAILABLE/SYSTEM_ERROR/CONFIGURATION_INVALID/BAD_AUTH/LICENSE_INVALID/TARGETS_INVALID/ENGINE_UNAVAILABLE/INITIALIZATION_FAILURE/SWAGGER_PARSING_ERROR/DATABASE_TOO_LARGE/INSUFFICIENT_DISK_SPACE/INSUFFICIENT_MEMORY/TOO_MANY_THREADS/RASP_FAILURE/BOOTSTRAP_AUTHENTICATION_FAILURE/REPORT_GENERATION_FAILURE) # The reason the Scan may have failed, validation: any # The Validation resource. Should not be included if a Specialized Scan Parameters Resource has been provided., scan_type: str(REGULAR/VERIFICATION/INCREMENTAL) # The type of Scan, specialized_scan_parameters: any # The Specialized Scan Parameters Resource used to start a validation scan with a subset of vulnerability ids. Should not be included if a Scan Verification Resource has been provided.}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /scans/{scan-id}\n@desc Get Scan\n@required {scan-id: str(uuid)}\n@returns(200) {id: str(uuid), app: any, scan_config: any, submitter: any, submit_time: str, completion_time: str, status: str, failure_reason: str, validation: any, scan_type: str, specialized_scan_parameters: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint DELETE /scans/{scan-id}\n@desc Delete Scan\n@required {scan-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /scans/{scan-id}/action\n@desc Get Scan Action\n@required {scan-id: str(uuid)}\n@returns(204) {action: str} # No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /scans/{scan-id}/action\n@desc Submit Scan Action\n@required {scan-id: str(uuid), action: str(PAUSE/RESUME/STOP/AUTHENTICATE/CANCEL)}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /scans/{scan-id}/engine-events\n@desc Get Scan Engine Events\n@required {scan-id: str(uuid)}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /scans/{scan-id}/execution-details\n@desc Get Scan Execution Details\n@required {scan-id: str(uuid)}\n@returns(200) {logged_in: bool, links_in_queue: int(int32), links_crawled: int(int32), attacks_in_queue: int(int32), attacked: int(int32), vulnerable: int(int32), requests: int(int32), failed_requests: int(int32), network_speed: int(int32), drip_delay: int(int32)} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /scans/{scan-id}/platform-events\n@desc Get Scan Platform Events\n@required {scan-id: str(uuid)}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endgroup\n\n@group schedules\n@endpoint GET /schedules\n@desc Get Schedules\n@optional {index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /schedules\n@desc Create Schedule\n@required {name: str # The name of the Schedule, enabled: bool # The enabled property of the Schedule, scan_config: any # The Scan Config of the Schedule, first_start: str(date-time) # The first start date and time of the Schedule}\n@optional {id: str(uuid) # The ID of the Schedule, last_start: str(date-time) # The last start date and time of the Schedule, frequency: any # The frequency describes how (and if) the Schedule should repeat. Should not be included if a rrule has been provided., rrule: str # The rrule describes how (and if) the schedule should repeat. Should not be included if a frequency has been provided.}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /schedules/{schedule-id}\n@desc Get Schedule\n@required {schedule-id: str(uuid)}\n@returns(200) {id: str(uuid), name: str, enabled: bool, scan_config: any, first_start: str(date-time), last_start: str(date-time), frequency: any, rrule: str, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /schedules/{schedule-id}\n@desc Update Schedule\n@required {schedule-id: str(uuid), name: str # The name of the Schedule, enabled: bool # The enabled property of the Schedule, scan_config: any # The Scan Config of the Schedule, first_start: str(date-time) # The first start date and time of the Schedule}\n@optional {id: str(uuid) # The ID of the Schedule, last_start: str(date-time) # The last start date and time of the Schedule, frequency: any # The frequency describes how (and if) the Schedule should repeat. Should not be included if a rrule has been provided., rrule: str # The rrule describes how (and if) the schedule should repeat. Should not be included if a frequency has been provided.}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /schedules/{schedule-id}\n@desc Delete Schedule\n@required {schedule-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endgroup\n\n@group search\n@endpoint POST /search\n@desc Perform Search\n@required {type: str(APP/SCAN/SCAN_CONFIG/VULNERABILITY/VULNERABILITY_DISCOVERY/ATTACK_TEMPLATE/TARGET/ENGINE/ENGINE_GROUP/SCHEDULE/BLACKOUT/FILE/TAG/REPORT) # The type of resource to Search, query: str # The query for the Search}\n@optional {limitData: bool, index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [map], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endgroup\n\n@group tags\n@endpoint GET /tags\n@desc Get Tags\n@optional {root: bool=false, index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /tags\n@desc Create Tag\n@required {name: str # The name of the Tag}\n@optional {id: str(uuid) # The ID of the Tag, creator: any # The ID of the module, create_time: str # The time the Tag was created}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /tags/{tag-id}\n@desc Get Tag\n@required {tag-id: str(uuid)}\n@returns(200) {id: str(uuid), name: str, creator: any, create_time: str, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /tags/{tag-id}\n@desc Update Tag\n@required {tag-id: str(uuid), name: str # The name of the Tag}\n@optional {id: str(uuid) # The ID of the Tag, creator: any # The ID of the module, create_time: str # The time the Tag was created}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /tags/{tag-id}\n@desc Delete Tag\n@required {tag-id: str(uuid)}\n@optional {cascade: bool=false}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endgroup\n\n@group targets\n@endpoint GET /targets\n@desc Get Targets\n@optional {index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /targets\n@desc Create Target\n@required {domain: str # The fully qualified domain name of the Target}\n@optional {id: str(uuid) # The ID of the Target, enabled: bool # The enabled property of the Target, archived: bool # The archived property of the Target}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /targets/{target-id}\n@desc Get Target\n@required {target-id: str(uuid)}\n@returns(200) {id: str(uuid), domain: str, enabled: bool, archived: bool, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /targets/{target-id}\n@desc Update Target\n@required {target-id: str(uuid), domain: str # The fully qualified domain name of the Target}\n@optional {id: str(uuid) # The ID of the Target, enabled: bool # The enabled property of the Target, archived: bool # The archived property of the Target}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /targets/{target-id}\n@desc Delete Target\n@required {target-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endgroup\n\n@group vulnerabilities\n@endpoint GET /vulnerabilities\n@desc Get Vulnerabilities\n@optional {index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /vulnerabilities/variances/documentation\n@desc Get Vulnerability Variances Documentation\n@optional {variance_ids: [str(uuid)], scan_id: str(uuid), vuln_uuids: [str(uuid)], vuln_ids: [str(uuid)]}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /vulnerabilities/{vuln-id}\n@desc Get Vulnerability\n@required {vuln-id: str(uuid)}\n@returns(200) {id: str(uuid), app: any, root_cause: any, severity: str, status: str, first_discovered: str, last_discovered: str, newly_discovered: bool, variances: [any], vector_string: str, vulnerability_score: num(double), insight_ui_url: str, updated_time: str(date-time), links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /vulnerabilities/{vuln-id}\n@desc Update Vulnerability\n@required {vuln-id: str(uuid)}\n@optional {id: str(uuid) # The ID of the Vulnerability, app: any # The ID of the module, root_cause: any # A descriptor for the location of the Vulnerability, severity: str(SAFE/INFORMATIONAL/LOW/MEDIUM/HIGH/CRITICAL) # The severity of the Vulnerability, status: str(UNREVIEWED/FALSE_POSITIVE/VERIFIED/IGNORED/REMEDIATED/DUPLICATE) # The status of the Vulnerability, first_discovered: str # The time the Vulnerability was first discovered, last_discovered: str # The time the Vulnerability was last discovered, newly_discovered: bool # Indicates that the vulnerability has been found in the latest scan and has not been discovered before, variances: [any] # Evidence found that indicates the presence of a Vulnerability, vector_string: str # Textual representation of the metric values used to determine the CVSS score, vulnerability_score: num(double) # CVSS score which represents the severity of an information security vulnerability, insight_ui_url: str # Direct link to the Vulnerability on InsightAppSec UI. Require InsightAppSec login before use., updated_time: str(date-time) # ${public-api.docs.models.vulnerability.properties.updated-time}}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /vulnerabilities/{vuln-id}/comments\n@desc Get Vulnerability Comments\n@required {vuln-id: str(uuid)}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint POST /vulnerabilities/{vuln-id}/comments\n@desc Create Vulnerability Comment\n@required {vuln-id: str(uuid), content: str # The content of the Vulnerability Comment}\n@optional {id: str(uuid) # The ID of the Vulnerability Comment, vulnerability: any # The last editor of the comment, author: any # The last editor of the comment, last_update_author: any # The last editor of the comment, create_time: str # The time when the Vulnerability Comment was created, update_time: str # The time when the Vulnerability Comment was last edited}\n@returns(201) Created\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint GET /vulnerabilities/{vuln-id}/comments/{comment-id}\n@desc Get Vulnerability Comment\n@required {vuln-id: str(uuid), comment-id: str(uuid)}\n@returns(200) {id: str(uuid), vulnerability: any, author: any, last_update_author: any, content: str, create_time: str, update_time: str, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint PUT /vulnerabilities/{vuln-id}/comments/{comment-id}\n@desc Update Vulnerability Comment\n@required {vuln-id: str(uuid), comment-id: str(uuid), content: str # The content of the Vulnerability Comment}\n@optional {id: str(uuid) # The ID of the Vulnerability Comment, vulnerability: any # The last editor of the comment, author: any # The last editor of the comment, last_update_author: any # The last editor of the comment, create_time: str # The time when the Vulnerability Comment was created, update_time: str # The time when the Vulnerability Comment was last edited}\n@returns(200) OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 422: Resource validation error, 500: Internal error}\n\n@endpoint DELETE /vulnerabilities/{vuln-id}/comments/{comment-id}\n@desc Delete Vulnerability Comment\n@required {vuln-id: str(uuid), comment-id: str(uuid)}\n@returns(204) No Content\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 409: Action conflict, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /vulnerabilities/{vuln-id}/discoveries\n@desc Get Vulnerability Discoveries\n@required {vuln-id: str(uuid)}\n@optional {index: int(int32), size: int(int32), sort: str, page-token: str}\n@returns(200) {data: [any], metadata: any, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /vulnerabilities/{vuln-id}/discoveries/{vuln-discovery-id}\n@desc Get Vulnerability Discovery\n@required {vuln-id: str(uuid), vuln-discovery-id: str(uuid)}\n@returns(200) {id: str(uuid), vulnerability: any, scan: any, discovered: str, links: [any]} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /vulnerabilities/{vuln-id}/history\n@desc Get Vulnerability History\n@required {vuln-id: str(uuid)}\n@returns(200) {empty: bool, first: any, last: any} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endpoint GET /vulnerabilities/{vuln-id}/variances/{variance-id}/documentation\n@desc Get Vulnerability Variance Documentation\n@required {vuln-id: str(uuid), variance-id: str(uuid)}\n@returns(200) {references: map, description: str, recommendation: str, id: str(uuid)} # OK\n@errors {400: Bad Request, 401: Unauthenticated, 403: Unauthorized, 404: Resource not found, 415: Unsupported Media Type, 500: Internal error}\n\n@endgroup\n\n@end\n"}}