VMware AppDefense provides a RESTful HTTP API for reading and modifying data via the cloud management console. The AppDefense API uses JSON for all requests and replies and uses the GET, PUT, POST, and DELETE HTTP verbs. All requests are over TLS / HTTPS and the AppDefense server presents a CA-signed TLS certificate.
All API requests require an authorized client. Clients obtain an API key for AppDefense in the AppDefense UI at https://appdefense.vmware.com/app/console/integrations. The API key is currently a JSON Web Token (JWT), however, clients should treat API keys as opaque tokens that might be changed to a non-JWT token at some future date without notice. To authenticate, the client should include their API token in the Authorization HTTP header as a "Bearer" token. API tokens do not currently expire, but they can be manually revoked by the customer via the AppDefense UI. If an API token is incorrect or expired, the AppDefense API will return a 403 Forbidden response.
Now let’s try to query the alarms in an Org using Postman –
Step 1 - Navigate to the "Integrations" tab under settings and select “Provision new API Key”
Step 2 – Copy the endpoint URL & API Key
Step 3 – Open Postman client and under ‘Authorization’ tab select type ‘Bearer Token’ and paste API key in the Token field.
Step 4 – Use the endpoint URL and the method specified for an API to query the cloud management console. In the below screenshot I have used the API to pull all the active alarms in my Org.
Similarly, if you want to list the scopes in your org you execute
“GET: https://appdefense.vmware.com/partnerapi/v1/orgs/{org-id}/scopes”
Hope this quick how to use Partner API helps you in your day to day administration of AppDefense!
How to locate the Partner REST API Documentation : https://communities.vmware.com/docs/DOC-40563
Happy AppDefending!
The AppDefense Architect Team.
