Generate PDF via API

Introduction
PDF cURL Command
Endpoints
Parameters
Query Params

Introduction

Generating a PDF of a Platform assessment can be done in two ways:

  1. Within the Platform UI. Login to Platform > select the preferred app's assessment > Security Report > select the download icon beside the Security Report download.pngLearn more about Save and Customize a PDF Report and Evidence File in Platform article.
  2. NowSecure's API cURL command (Instructions below)

Note: The API produced PDF does not yet include the inline evidence, but will be included in future releases.

cURL Command

Note: Replace the $API_TOKEN with your own token. Create a token by selecting the Profile icon on the top right corner of Platform > select Tokens. See Creating an API Bearer Token for further information.

The assessment/ref/xxxxxx-xxx refers to the Assessment ID of the application you want the report generated for. Assessment ID can be found by selecting the preferred app on the Apps page > Security Report > Debug tab > then select the Assessment Info section on the left of the screen. 

Note: Make sure to keep the .pdf? at the end after your own Assessment ID. The download path must end with .pdf if the naming convention is changed.

This cURL command downloads a PDF report of a specific assessment.

- curl -v -H "Authorization: Bearer $API_TOKEN" -X GET \ "https://api.nowsecure.com/report/assessment/ref/576313e0-5797-11ed-bed7-bf69c0c3effb.pdf?\!rss&\rhf&fc" \ > ~/Downloads/assessment.pdf

Endpoints

  • Creates an endpoint for assessment report generation:

    /report/assessment/ref/:assessmentRef/:filename.:format(pdf)
  • Creates an endpoint for assessment evidence (findings) zip file generation:

    /report/assessment/:assessmentRef/evidence/:filename.zip
  • Removes legacy getAssessmentFindings endpoints:

    '/assessment/:task/findings'
    '/assessment/:task/findings.pdf'
  • Replaces legacy getAssessmentReport endpoint logic with new .pdf:

    '/assessment/:ref/report.json'
    '/assessment/:ref/report.html'
    '/assessment/:ref/report.pdf'

Parameters

Params Type Description
filename String Default: NowSecure-Report-{date}
assessmentRef UUID required
policyCategories = ['1', '2', '3', 'pass']
impactTypes = ['medium', 'warn', 'info', 'artifact', 'pass']
regulatoryFindings = [
  'owasp',
  'cwe',
  'fisma_low',
  'fisma_med',
  'owasp',
  'gdpr',
  'ffiec',
  'pci',
  'hipaa',
  'ccpa',
  'ioxt',
  'cwe_top_25',
  'niap',
  'google_caq',

Query Params

Query Params Type Description

evidenceFormats

Array ( json | inline )

required

policyCategories

Boolean

defaulted true

findingDetails

Boolean

defaulted true

findingsSummary

Boolean

defaulted true

hiddenFindings

Boolean

defaulted true

impactType

Array (see above)

Defaulted: all

policyCategory

Array (see above)

required

report

String

Defaulted standard

reportSummary

Boolean

Defaulted true

screenshots

Boolean

defaulted: true

finding.note

boolean

defaulted: true

finding.description

boolean

defaulted: true

finding.stepsToReproduce

boolean

defaulted: true

finding.businessImpact

boolean

defaulted: true

finding.remediationResources

boolean

defaulted: true

finding.regulatory

Array (see above)

defaulted: all

Was this article helpful?
0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.