Generate PDFs via Platform REST API

Josh Rodriguez

April 21, 2026 20:05

Introduction
App Analysis PDF
cURL Command
Parameters
Query Params
Common Query Examples
MASVS Report PDF
Self-Attestation Letter PDF
Privacy Report PDF

Introduction

Platform API allows you to generates a PDF for key NowSecure Platform features including:

App Analysis
MASVS Report
Self-Attestation Letter
Privacy Report

You can also export and download these PDF versions using the NowSecure Platform UI. For more information, see Export a PDF Report in Platform & NowSecure Platform Self-Attestation Letter.

App Analysis PDF

Generating a PDF of a NowSecure Platform App Analysis can be done using the NowSecure API cURL show in the example below.

cURL Command

Note: Replace the $API_TOKEN with your own token. Create a token by selecting the Profile icon on the top right corner of Platform > select Tokens. See Creating an API Bearer Token for further information.

The $assessmentID in the call refers to your app's Assessment ID of which you want the PDF report. Assessment ID can be found by selecting the preferred app on the Apps page > App Analysis > Debug tab in the left side panel > then select the Assessment Info subsection.

Note: Make sure to keep the .pdf at the end after your own Assessment ID. The download path must end with .pdf if the naming convention is changed.

This cURL command downloads a PDF report of a specific assessment without including screenshots.

curl -H "Authorization: Bearer $API_TOKEN" https://api.nowsecure.com/report/assessment/ref/$assessmentID.pdf > ~/Downloads/assessment.pdf

Parameters

Params	Type	Description
`filename`	String	Default: `NowSecure-Report-{date}`
`assessmentID`	UUID	`required`

Query Params

NOTE: Array params must be separated like so: policyCategory[]=1&policyCategory[]=2

Parameter	Type	Inputs	Default
`evidenceFormats`	Array	`inline`	None
`finding.businessImpact`	Boolean	`true` \| `false`	True
`finding.description`	Boolean	`true` \| `false`	True
`findings.note`	Boolean	`true` \| `false`	True
`finding.regulatory`	Array	cwe \| niap \| fisma_low \| fisma_med \| owasp \| gdpr \| ffiec \| pci \| hipaa \| ccpa \| cwe_top_25 \| ioxt \| google_caq	All
`finding.remediationResources`	Boolean	`true` \| `false`	True
`findingDetails`	Boolean	`true` \| `false`	True
`findingsSummary`	Boolean	`true` \| `false`	True
`hiddenFindings`	Boolean	`true` \| `false`	True
`status`	Array	`detected` \| `pass` \| `dismissed` \| `resolved`	None
`impactType`	Array	critical \| high \| medium \| low \| warn \| info \| artifact \| pass	All
`policyCategories`	Boolean	`true` \| `false`	True
`policyCategory`	Array	1 \| 2 \| 3 \| pass	All
`reportSummary`	Boolean	`true` \| `false`	True
`screenshots`	Boolean	`true` \| `false`	True

Common Query Examples

The following are common and useful query examples for various calls available via Platform API to return more specific results to a PDF report.

Screenshots Only

This query quickly verifies if your app is authenticating by only returning the screenshots taken during the dynamic portion of the scan.

GET

curl -H "Authorization: Bearer $API_TOKEN" "https://api.nowsecure.com/report/assessment/ref/:assessmentID.pdf?findingDetails=false&findingsSummary=false" > :filepath/:filename.pdf

Policy Category 1 Only

This query returns the Policy Category 1 findings only to this report. By default, Category 1 includes all findings that have a CVSS score ranging from low - critical

GET

curl -H "Authorization: Bearer $API_TOKEN" "https://api.nowsecure.com/report/assessment/ref/:assessmentID.pdf?policyCategory[]=1" > :filepath/:filename.pdf

Summary Only

This query outputs the counts of each severity type. No other information is returned in this two page report.

GET

curl -H "Authorization: Bearer $API_TOKEN" "https://api.nowsecure.com/report/assessment/ref/:assessmentID.pdf?findingDetails=false&screenshots=false" > :filepath/:filename.pdf

Sample output of PDF Report (Summary Only):

App Analysis PDF.jpg

Passed Findings Only

This query only displays the tests your app successfully passed.

GET

curl -H "Authorization: Bearer $API_TOKEN" "https://api.nowsecure.com/report/assessment/ref/:assessmentID.pdf?impactType[]=pass&screenshots=false" > :filepath/:filename.pdf

Show Evidence for CVSS Findings

This query returns evidence tables for findings that have a CVSS score (critical, high, medium low). Note: Evidence tables are limited to 10 rows. The next example displays the full table.

GET

curl -H "Authorization: Bearer $API_TOKEN" "https://api.nowsecure.com/report/assessment/ref/:assessmentID.pdf?evidenceFormats[]=inline&impactType[]=critical&impactType[]=high&impactType[]=medium&impactType[]=low&screenshots=false" > :filepath/:filename.pdf

Show All Evidence

This query returns a .zip file containing all of an assessment's evidence in JSON format.

GET

curl -H "Authorization: Bearer $API_TOKEN" "https://api.nowsecure.com/report/assessment/:assessmentID/evidence/:filename.zip" > :filepath/:filename.zip

MASVS Report PDF

Generating a MASVS Report PDF can done using the NowSecure API cURL command shown below.

This cURL command downloads a MASVS PDF report of an app assessment.

GET

curl -H "Authorization: Bearer $API_TOKEN" "https://api.nowsecure.com/report/assessment/ref/$assessmentID.pdf?report=masvs" > ~/Downloads/assessment.pdf

Self-Attestation Letter PDF

Generating a Self-Attestation Letter PDF can be done using the NowSecure API cURL command shown below.

This cURL command downloads a Self-Attestation Letter PDF of an app assessment.

GET

curl -H "Authorization: Bearer $API_TOKEN" https://api.nowsecure.com/report/certification/assessment/ref/$assessmentID.pdf > ~/Downloads/assessment.pdf

Privacy Report PDF

Generating a Privacy Report PDF can be done using the NowSecure API cURL command shown below.

This cURL command downloads a Privacy Report PDF of an app assessment.

GET

curl -H "Authorization: Bearer $API_TOKEN" https://api.nowsecure.com/report/certification/assessment/ref/$assessmentID.pdf > ~/Downloads/assessment.pdf