Applications - REST API
Corie Lynch
May 25, 2023 17:00
Create Application Resource List Applications Upload Application View Application
Create Application Resource
Using POST /app/, you can create an application resource that does not have a binary associated with it. To run an assessment you must upload a binary with the same package name and platform.
POST
https://lab-api.nowsecure.com/app/
curl -H "Authorization: Bearer ${API_TOKEN}" -X POST https://lab-api.nowsecure.com/app/ -d '{"platform": "android", "package": "com.example.app", "group": "363df3a1-0e8b-4960-bb6e-cc09aced37a1"}'
HTTP/1.1 200 OK
{
"platform": "android",
"package": "com.example.app",
"group": "363df3a1-0e8b-4960-bb6e-cc09aced37a1",
"created": "2016-04-08T19:06:00.257Z"
}
Header
Field Type Description
Authorization String Send header with value Bearer: ${API_TOKEN} to authenticate
Body
Field Type Description
platformString The platform associated with application Allowed values: "ios", "android"
package String The package identifier of application
group String The uuid group ref to associate application with (only optional if user belongs to exactly one group)
List Applications
You can list all of the applications associated with an account using GET /app/.
GET
https://lab-api.nowsecure.com/app/
curl -H "Authorization: Bearer ${API_TOKEN}" -X GET https://lab-api.nowsecure.com/app/
HTTP/1.1 200 OK
[
{
"platform": "android",
"package": "fuzion24.dynamictestapp",
"account": "363df3a1-0e8b-4960-bb6e-cc09aced37a1",
"created": "2016-04-07T20:29:15.769Z"
}
]
Header
Field Type Description
Authorization String Send header with value Bearer: ${API_TOKEN} to authenticate
Query
Field Type Description
groupString The uuid group ref to filter with. You must be a member of the specified group, or have the organization-wide auto.application:list privilege
Upload Application
Use POST /build/, with a request body of the app binary, to trigger an assessment. This will create a new application record if one does not already exist in specified group. If application record does it exist, this will use any previously specified configuration options. If it is the first time an application has been uploaded, the assessment will start with the default configuration options.
POST
https://lab-api.nowsecure.com/build/
curl -H "Authorization: Bearer ${API_TOKEN}" -X POST https://lab-api.nowsecure.com/build/?group=838929c6-73c8-11e8-a19d-27d57188d0f9 --data-binary @bin.apk
> Content-Length: 809562
> Content-Type: application/x-www-form-urlencoded
> Expect: 100-continue
>
< HTTP/1.1 100 Continue
We are completely uploaded and fine
< HTTP/1.1 201 Created
< X-Served-By: 81faea87c926
< X-Request-ID: 6d77d2d8-534b-4704-85fe-5738ae5d3ac1
< Content-Type: application/json
< Access-Control-Allow-Origin:
< Access-Control-Allow-Headers: Accept, Accept-Encoding, Accept-Language, Authorization, Cache-Control, Connection, Content-Type, Digest, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, Origin, Range, Referer, User-Agent
< Date: Fri, 03 Feb 2017 20:31:59 GMT
< Connection: close
< Content-Length: 12200
<
Header
Field Type Description
Authorization String Send header with value Bearer: ${API_TOKEN} to authenticate
Query
Field Type Description
groupString The application group to use for the assessment (only optional if user belongs to exactly one group)
View Application
Using the GET /app/{platform}/{package} endpoint will allow the user to view a specific application package.
GET
https://lab-api.nowsecure.com/app/:platform/:package
curl -H "Authorization: Bearer ${API_TOKEN}" -X GET https://lab-api.nowsecure.com/app/android/com.sample.android.testdpc?group=838929c6-73c8-11e8-a19d-27d57188d0f9
Header
Field Type Description
Authorization String Send header with value Bearer: ${API_TOKEN} to authenticate
Route
Field Type Description
platform String The platform associated with application. Allowed values: "ios", "android"
package String The package identifier of application
Query
Field Type Description
groupString The uuid group ref of application (only optional if user belongs to exactly one group)
Comments
Article is closed for comments.