...

  1. Retrieve an API Key that has the permission to start API Secure scans; API keys are available in the Data Theorem portal at https://pr-1593.demotheorem.com/mobile/sdlc/results_api_access .

  2. Retrieve the RESTful API’s ID from the API’s page in the Data Theorem portal:

  3. An API scan can then be started using the following curl command:

    curl -X POST https://api.securetheorem.com/apis/devops/v1/asset_scans/restful_api_scans \
    -H "Content-Type: application/json" \
    -d '{"asset_id":"89ad145e-8242-41a4-93c1-5fc2c633b49d",
    "asset_base_url":"https://orderfood.google.com"}' \
    -H "Authorization: APIKey ABCD123456="

    The endpoint will return information about the scan in the following format:

    {
      "id":"06bd22cb-ad9b-48d3-8158-4b3cd6142db6",
      "asset_id":"89ad145e-8242-41a4-93c1-5fc2c633b49d",
      "asset_base_url":"https://orderfood.google.com",
      "asset_type":"RESTFUL_API",
      "status":"ONGOING",
      "failed_reason":null
    }

  4. (Optional) Using the ID of the scan that was returned in the previous call, the following curl command can be used to check the status of the scan:

    curl -X GET 'https://api.securetheorem.com/apis/devops/v1/asset_scans/restful_api_scans/06bd22cb-ad9b-48d3-8158-4b3cd6142db6' \
    -H "Authorization: APIKey ABCD123456="


    Once completed, the results of the scan will be visible in the Data Theorem portal in the RESTful API’s asset page.
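Steps 3 and 4 combined into a pipeline step, as an added example that is not Data Theorem's own code: it starts a scan, polls until the status is no longer `ONGOING`, and fails the step when `failed_reason` is set. Assumptions: the `DT_API_KEY` variable name, the polling interval and limit, IDs always being UUIDs as in the samples above, and any status other than `ONGOING` meaning the scan has finished.

```python
import json, os, re, sys, time, urllib.request

# Endpoint taken from the curl commands on this page.
SCANS_URL = "https://api.securetheorem.com/apis/devops/v1/asset_scans/restful_api_scans"
# Assumption: IDs are always UUIDs, as in the page's samples.
UUID_RE = re.compile(r"[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}", re.I)

def http_send(req):
    """Default transport; callers may pass their own `send` (e.g. in tests)."""
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.read()

def call_api(method, url, api_key, body=None, send=http_send):
    data = None if body is None else json.dumps(body).encode()
    req = urllib.request.Request(url, data=data, method=method)
    req.add_header("Authorization", "APIKey " + api_key)
    if data is not None:
        req.add_header("Content-Type", "application/json")
    return json.loads(send(req))

def start_scan(asset_id, asset_base_url, api_key, send=http_send):
    if not UUID_RE.fullmatch(asset_id):
        raise ValueError("asset_id is not a UUID")
    body = {"asset_id": asset_id, "asset_base_url": asset_base_url}
    return call_api("POST", SCANS_URL, api_key, body, send)

def wait_for_scan(scan_id, api_key, send=http_send, interval=30,
                  max_polls=120, sleep=time.sleep):
    # Validate before building the URL so a bad value cannot alter the path.
    if not UUID_RE.fullmatch(scan_id):
        raise ValueError("scan id is not a UUID")
    for _ in range(max_polls):
        scan = call_api("GET", SCANS_URL + "/" + scan_id, api_key, send=send)
        if scan["status"] != "ONGOING":  # the only status value shown on this page
            return scan
        sleep(interval)
    raise TimeoutError("scan still ONGOING after %d polls" % max_polls)

def scan_ok(scan):
    """Pass the pipeline step only if the scan ended with no failed_reason."""
    return scan.get("status") != "ONGOING" and scan.get("failed_reason") is None

if __name__ == "__main__":
    # Key comes from the CI secret store via the environment, not the command line.
    key = os.environ["DT_API_KEY"]  # hypothetical variable name
    started = start_scan(sys.argv[1], sys.argv[2], key)
    result = wait_for_scan(started["id"], key)
    print(result.get("status"), result.get("failed_reason"))
    sys.exit(0 if scan_ok(result) else 1)
```

Reading the key from the environment keeps it out of shell history and process listings, which the inline `-H "Authorization: ..."` form does not.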

...