Wallarm API overview¶
Wallarm API provides interaction between components of the Wallarm system. You can use Wallarm API methods to create, get, or update the following instances:
-
vulnerabilities
-
attacks
-
incidents
-
users
-
clients
-
filter nodes
-
etc.
Description of API methods is given in the API Reference by the link:
API endpoint¶
API requests are sent to the following URL:
Authentication of API requests¶
The method of API requests authentication depends on the client sending the request:
API Reference UI¶
A token is used for request authentication. The token is generated after successful authentication in your Wallarm account.
-
Sign in to your Wallarm account using the link:
- https://my.wallarm.com/ for the EU cloud,
- https://us1.my.wallarm.com/ for the US cloud.
-
Refresh the API Reference page using the link:
- https://apiconsole.eu1.wallarm.com/ for the EU cloud,
- https://apiconsole.us1.wallarm.com/ for the US cloud.
-
Go to the required API method > the Try it out section, input parameter values, and Execute the request.
Your own client¶
Your UUID and secret key are used.
-
Sign in to your Wallarm account using the link:
- https://my.wallarm.com/ for the EU cloud,
- https://us1.my.wallarm.com/ for the US cloud.
-
Refresh the API Reference page using the link:
- https://apiconsole.eu1.wallarm.com/ for the EU cloud,
- https://apiconsole.us1.wallarm.com/ for the US cloud.
-
Send the
POST /v1/user
request without the parameters from the API Reference UI and copy theuuid
value from the response. -
Send the
POST /v1/user/renew_secret
request without the parameters from the API Reference UI and copy thesecret
value from the response.Reusing the
secret
valueThe request
POST /v1/user/renew_secret
generates a new value of the secret key and invalidates the previous value. To use the secret key securely:- Write down the
secret
value from the firstPOST /v1/user/renew_secret
call in a secure place. The secret key value will not be shown again. - Reuse the stored
secret
value in all requests to Wallarm API. - If you generated a new
secret
value, make sure the previous value is not used in other API clients. If the previous value is in use, replace it with the newly generated secret value.
- Write down the
-
Send the required request from your client passing the following values:
uuid
in theX‑WallarmAPI‑UUID
header parameter.secret
in theX‑WallarmAPI‑Secret
header parameter.
API restrictions¶
Wallarm limits the rate of API calls to 500 requests per second.
Wallarm approach to API development and documentation¶
Wallarm API Reference is a single page application (SPA) with all displayed data being dynamically fetched from the API. This design drives Wallarm to use the API-first approach when new data and functionality is initially made available in the public API and as the next step is described in the API Reference. Normally all new functionality is released in parallel in both public API and API Reference, but sometimes new API changes are released ahead of API Reference changes, and some functionality is available via the public API only.
Wallarm API Reference is generated from the Swagger file using the Swagger UI tool. API Reference provides an easy way to learn about available API endpoints, methods, and data structures. It also provides a simple way to try all available endpoints.