Public API
API base URL
Escape's REST public API can be reached at https://api-public.prod.cloud.escape.tech
Authentication
API key
Pass your API via the Authorization header.
You can find your API key in your Escape settings.
Basic example
export APPLICATION_ID=<YOUR APPLICATION ID>
export API_KEY=<YOUR API KEY>
curl -X POST \
-H "Authorization: Key $API_KEY" \
https://api-public.prod.cloud.escape.tech/applications/$APPLICATION_ID/start-scan
GET /organization/:organizationId/applications
Retrieve the list of applications bound to an organization
Request parameters
organizationId
The ID of the organization on Escape. It can be found on the organization section
Example response
[
{
"name": "Gontoz",
"id": "5d1b0249-a6fd-4d64-997a-99675ca6afac",
"url": "https://gontoz.escape.tech/graphql",
"createdAt": "2022-03-07T11:44:20.968Z",
"hasCI": true,
"cron": "0 3 * * *",
"scans": [
{
"id": "5d1b0249-a6fd-4d64-997a-99675ca6afac",
"status": "SUCCESS",
"createdAt": "2022-12-05T14:32:32.968Z",
"alertCounts": {
"HIGH": 10,
"MEDIUM": 7,
"LOW": 9,
"INFO": 3
},
"commitHash": "11fb1c9f83f371ca9c1e353ef9f16bc36934ab83",
"report": {
"letterScore": "F"
}
},
{
"id": "5d1b0249-a6fd-4d64-997a-99675ca6afac",
"status": "SUCCESS",
"createdAt": "2022-10-24T09:02:05.662Z",
"alertCounts": {
"HIGH": 1,
"MEDIUM": 8,
"LOW": 9,
"INFO": 2
},
"commitHash": "11fb1c9f83f371ca9c1e353ef9f16bc36934ab83",
"report": {
"letterScore": "F"
}
],
"lastSuccessfulScan": {
"id": "5d1b0249-a6fd-4d64-997a-99675ca6afac",
"createdAt": "2022-12-05T14:32:32.968Z",
"alertCounts": {
"HIGH": 10,
"MEDIUM": 7,
"LOW": 9,
"INFO": 3
},
"commitHash": "11fb1c9f83f371ca9c1e353ef9f16bc36934ab83",
"report": {
"letterScore": "F"
}
}
}
]
GET /scans/:scanId
Retrieve a specific scan and its results
Request parameters
scanId
The ID of the scan on Escape.
Example response
{
"id": "5d1b0249-a6fd-4d64-997a-99675ca6afac",
"status": "SUCCESS",
"createdAt": "2022-12-05T14:32:32.968Z",
"score": 0.009737885064620144,
"completionRatio": 1,
"commitHash": "11fb1c9f83f371ca9c1e353ef9f16bc36934ab83",
"application": {
"id": "5d1b0249-a6fd-4d64-997a-99675ca6afac",
"createdAt": "2022-03-07T11:44:20.968Z",
"engine": "Ariadne",
"manuallySetEngine": null,
"name": "Gontoz",
"updatedAt": "2022-12-15T14:42:23.275Z",
"activeIntrospection": {
"id": "5d1b0249-a6fd-4d64-997a-99675ca6afac",
"applicationId": "5d1b0249-a6fd-4d64-997a-99675ca6afac",
"createdAt": "2022-08-05T07:42:54.562Z"
}
},
"configuration": {
"applicationId": "5d1b0249-a6fd-4d64-997a-99675ca6afac",
"content": {
"auth": {
"schema1": {
"tech": "manual"
}
},
"users": {
"user0": {
"auth": "schema1",
"headers": {
"hello": "world"
}
}
},
"checks": {},
"params": {
"environment_mode": "dev"
}
},
"createdAt": "2022-08-08T10:32:37.140Z",
"isAuthenticationValid": true,
"isConfigurationValid": true,
"readWrite": true,
"updatedAt": "2022-08-08T10:32:37.140Z",
"applicationUsers": [
{
"headerName": "hello",
"headerValue": "world",
"name": "user0"
}
]
},
"alerts": [
{
"id": "99679d55-b4f5-4edb-b558-4c1cefda870c",
"status": "NO_STATUS",
"severity": "HIGH",
"tags": [],
"securityTestUid": "injection/xxe"
},
...,
]
}
POST /application/:applicationId/start-scan
Start a new scan for the given application.
Request body parameters
You can pass additional parameters via the request body.
configurationOverride string
See the configuration override section.
commitHash string
See the commit identification section.
introspection string
The stringified JSON introspection. See the introspection update section.