API Security Scanner Parameters

When configured globally, these parameters will apply to API Security scans across all projects. When configured at the project level, they will apply only to API Security scans for that project.

The table below presents the optional parameters, and their optional values.

Notice

API configs can be configured on the account or project level using the Configuration API or on the scan level as part of the request body of the POST /scans API. When using the POST /scans API the scan.config.apisec prefix is left out.

Parameter	Values	Notes	CLI	API	Config as Code
Swagger folder/file filter	Swagger folder path or any folder/file type. Allow users to select specific folders or files that they want to include or exclude from the code scanning process.	Including a file type - .java Excluding a file type - !.java Use “,” sign to chain file types. For example: .java,.js The parameter also supports including/excluding folders. regex is not supported.		`scan.config.apisec.swaggerFilter`	`swaggerFilter`

Parameter

Values

Notes

CLI

API

Config as Code

Swagger folder/file filter

Swagger folder path or any folder/file type.

Allow users to select specific folders or files that they want to include or exclude from the code scanning process.

Including a file type - *.java
Excluding a file type - !*.java
Use “,” sign to chain file types.
For example: *.java,*.js
The parameter also supports including/excluding folders.
regex is not supported.

scan.config.apisec.swaggerFilter

swaggerFilter

In this section:

API Security Scanner Parameters

Notice

Search results