Assessments - REST API

Cancel Assessment
Trigger Application Assessment
View Assessment Findings
View Assessment Report
View List of Assessments
View Raw Report

Cancel Assessment

Using this endpoint to terminate a currently running assessment and disregard any partial analysis results.

POST https://lab-api.nowsecure.com/app/assessment/:task/cancel
curl -H "Authorization: Bearer ${API_TOKEN}" -X POST \
    https://lab-api.nowsecure.com/app/assessment/1486153919195/cancel

Header 

Field Type Description
Authorization String  Send header with value Bearer: ${API_TOKEN} to authenticate

 

Route

Field Type Description
task String The numeric task identifier associated with assessment request

Trigger Application Assessment

After changing the configurations, using POST /app/{platform}/{package}/assessment/ will trigger an assessment on the most recent build of the application with the new configuration options.

POST https://lab-api.nowsecure.com/app/:platform/:package/assessment/
curl -H "Authorization: Bearer ${API_TOKEN}" -X POST \
    https://lab-api.nowsecure.com/app/ios/br.com.tribanco.mb/assessment/?group=838929c6-73c8-11e8-a19d-27d57188d0f9
curl -H "Authorization: Bearer ${API_TOKEN}" -X POST \
    https://lab-api.nowsecure.com/app/ios/br.com.tribanco.mb/assessment/?appstore_download=*&group=838929c6-73c8-11e8-a19d-27d57188d0f9

Header 

Field Type Description
Authorization String  Send header with value Bearer: ${API_TOKEN} to authenticate

 

Route

Field Type Description
platform String The platform associated with application. Allowed values: "ios", "android"
package String The package identifier for application

 

Query

Field Type Description
group String The uuid group ref of application (only optional if user belongs to exactly one group)
appstore_download String The value * (or any truthy value, for now) will attempt to download the latest available build of the app from appstore, and run the assessment on this build binary (assuming the has an appstore_application_key set)

View Assessment Findings

You can view the assessment findings.

GET https://lab-api.nowsecure.com/assessment/:task/findings
curl -H "Authorization: Bearer ${API_TOKEN}" -X GET \
https://lab-api.nowsecure.com/assessment/1485531440745/findings

Header 

Field Type Description
Authorization String  Send header with value Bearer: ${API_TOKEN} to authenticate

 

Route

Field Type Description
task String The numeric task identifier associated with assessment request

View Assessment Report

You can view the assessment response in .json using GET /app/{platform}/{package}/assessment/{task}/results

GET https://lab-api.nowsecure.com/app/:platform/:package/assessment/:task/results
curl -H "Authorization: Bearer ${API_TOKEN}" -X GET \
https://lab-api.nowsecure.com/app/ios/br.com.tribanco.mb/assessment/1485531440745/results

Header 

Field Type Description
Authorization String  Send header with value Bearer: ${API_TOKEN} to authenticate

 

Route

Field Type Description
platform String The platform associated with application. Allowed values: "ios", "android"
package String The package identifier for application
task String The numeric task identifier associated with assessment request

Query

Field Type Description
group String  The uuid group ref of application (only optional if user belongs to exactly one group)

 

Error 4XX

Field Description
BadRequestError Request is not properly formed, e.g. a parameter necessary to fulfill request is missing.
NotFoundError Requested resource was not found within authenticated user's scope.
InternalServerError Unexpected system failure occurred while processing request.

View List of Assessments

Using the GET /app/{platform}/{package}/assessment/ endpoint will allow the user to view a list of assessments for a specific application package.

GET https://lab-api.nowsecure.com/app/:platform/:package/assessment/
curl -H "Authorization: Bearer ${API_TOKEN}" -X GET \
    https://lab-api.nowsecure.com/app/android/com.sample.android.testdpc/assessment/

Header 

Field Type Description
Authorization String  Send header with value Bearer: ${API_TOKEN} to authenticate

 

Route

Field Type Description
platform String The platform associated with application. Allowed values: "ios", "android"
package String The package identifier for application

 

Query

Field Type Description
group String The uuid group ref of application (only optional if user belongs to exactly one group)

View Raw Report

Using the GET /app/{platform}/{package}/assessment/{task}/report endpoint will allow the user to view a the raw report for a specific application package.

GET https://lab-api.nowsecure.com/app/:platform/:package/assessment/:task/report
curl -H "Authorization: Bearer ${API_TOKEN}" -X GET \
    https://lab-api.nowsecure.com/app/android/com.sample.android.testdpc/assessment/1486153919195/report

Header 

Field Type Description
Authorization String  Send header with value Bearer: ${API_TOKEN} to authenticate

 

Route

Field Type Description
platform String The platform associated with application. Allowed values: "ios", "android"
package String The package identifier for application
task String The numeric task identifier associated with assessment request

 

Query

Field Type Description
group String The uuid group ref of application

Comments

0 comments

Article is closed for comments.