added
Web App Scanning: OpenAPI Specification by URL
4 months ago by Lance Duvall
A new setting has been added to the Tenable-provided API Scan template that enables users to provide a URL for the OpenAPI specification for the RESTful API they want to scan. This new functionality adds a layer of convenience over the file upload option, and the URL is checked before every scan to ensure that the API specification is up to date.
A new parameter called openapi_file_url has been added to the settings.scope object to support this new feature. The new parameter is described in the following table:
| Body Parameter | Data Type | Description |
|---|---|---|
settings.scope.openapi_file_url | string | The URL for the OpenAPI specification describing the RESTful API that you want to scan. The URL must start with http:// or https:// and end with .json, .yaml, or .yml. |
This change affects the following endpoints:
| Endpoint | Name | Description |
|---|---|---|
| POST /was/v2/configs | Create scan configuration | Creates a new scan configuration. |
| PUT /was/v2/configs/{config_id} | Upsert scan configuration | Updates an existing scan configuration or creates a new scan configuration. |