CG Scanning API V2
latest
  • latest
  • v5.0.0-beta1
HomeDocs
HomeDocs
latest
  • latest
  • v5.0.0-beta1
  • Getting Started
  • Authentication
  • Common Error Responses
  • Filtering Data
  • Authentication
    • User Confirmation
      • Confirm a User
      • Show confirmation form
    • User Invitation
      • Accept an invitation
      • Pre-Accept invitation check
    • Password Reset
      • Forgot Password
      • Reset Password
    • MFA
      • Check 2fa
      • Send SMS OTP
    • Impersonation
      • Impersonate user
      • Impersonate user
    • Sign in authentication
      POST
    • Sign out authentication
      DELETE
  • Organizations
    • Organization Subscriptions
      • Retrieves all subscriptions of organization
      • Retrieves all active subscriptions of organization
      • Show a subscription of organization
      • 'Update organization's subscription'
      • Assign features to a subscription
      • Revoke features from a subscription
    • Subscribe to a plan
      POST
    • List organizations
      GET
    • Create Organization
      POST
    • List dependent subscriptions
      GET
    • Show an organization
      GET
    • Update an organization
      PUT
    • Delete an organization
      DELETE
    • Subscribe an organization to a plan
      POST
    • Unsubscribe an organization from a plan
      POST
    • Move a user from one organization to another
      PUT
    • Export all organizations to a CSV file
      GET
  • Users
    • List Users
      GET
    • Create User
      POST
    • Show User
      GET
    • Update User
      PUT
    • Delete a User
      DELETE
    • Create Customer
      POST
    • Invite User
      PUT
    • Resend Confirmation Instructions
      PUT
    • Import Users
      POST
    • Check if a user can be deleted
      GET
    • Inherit all the resources from a user
      PUT
    • Export all users to a CSV file
      GET
    • Set partner
      PUT
    • Unset partner
      PUT
  • User
    • User 2FA
      • Enable 2FA
      • Verify 2FA installation
      • Disable 2FA
      • Lookup phone number
      • Default 2FA method
    • User Preferences
      • Get users notification preferences
      • Change users product
      • Enable user's event notification preference
      • Disable user's event notification preference
    • Get current user
    • Update current user
    • Change current user password
    • Get current user active plans (Not implemented yet)
    • Get organization members
    • Get current user products
    • Get current organization
    • Update current organization
    • Get subscriptions history
    • Change users product
    • Checks if authorization token is valid
    • Get current user permissions
    • Check if the user can be deleted
    • Transfers all the resources from the user to another user
    • Delete my account
  • Targets
    • List targets
    • Create Target
    • Show a target
    • Updates a target
    • Delete a target
    • Delete targets
  • Schedules
    • List Schedules
    • Create Schedule
    • Updates a schedule
    • Show a schedule
    • Delete a schedule
    • Delete schedules
    • Calculate First Time Schedule Date
    • Calculate Next Schedule Dates
  • Scans
    • Scan Hosts
      • List of hosts for a scan
      • Host details for a scan
    • Scan Vulnerabilities
      • List of vulnerabilities for a scan
      • Show vulnerability details
      • Statistics for a scan
    • List scans
    • Create Scan
    • Show a scan
    • Updates a scan
    • Delete a scan
    • Delete scans
    • Start a scan
    • Stop a scan
    • List upcoming scans
    • List recent scans that have been completed
    • List of the running scans
    • Create Scan from Wizard
  • Reports
    • List Reports
    • Show a report
    • Delete a report
    • Delete reports
    • Generates a report file
    • Downloads a report file
    • Check if a report file exists
  • Advanced Reports
    • List Advanced Reports
    • Create an advanced report
    • Show an advanced report
    • Update an advanced report
    • Delete an advanced report
    • Delete advanced reports
    • Generates an advanced report file
    • Downloads an advanced report file
  • Vulnerabilities
    • List of vulnerabilities
    • Vulnerability details
    • Total Vulnerabilities (widget)
    • Top Vulnerabilities (widget)
    • PCI Compliant (widget)
    • AI sessions of Vulnerabilities
    • AI session of Vulnerability
    • Chat history about a given Vulnerability
    • Send prompt about a given Vulnerability
  • Exceptions
    • List Exceptions
    • Create Exception
    • Update Exception
    • Show an exception
    • Delete an exception
    • Show exception details
    • Delete exceptions
    • Activate exceptions
    • Reset exceptions
    • Show the exceptions statistics
  • Scanners
    • List scanners
    • Create scanner
    • Show scanner
    • Update scanner
    • Delete scanner
    • List activated scanners
    • Activate scanner
    • Deactivate scanner
    • Update scanner app type
    • Assign a scanner to an organization
    • Verify a scanner
  • Port Lists
    • List port lists
    • Create a port list
    • Show a port list
    • Update a port list
    • Delete a port list
    • List activated port lists
    • Add a port range to a port list
    • Delete a port range to a port list
    • Activate a port list
    • Deactivate a port list
    • Updates the app_type of a port list
    • Sync the a port lists
  • Subscriptions
  • Hosts
    • List of hosts
    • Host details
    • List of most vulnerable hosts
  • Notifications
    • List Notifications
    • Show a notification
    • Delete a notification
    • Mark as read a notification
    • Mark as seen a notification
    • Mark as read all notifications
    • Mark as seen all notifications
  • Whitelabel
  • Webhooks
    • Deliveries
      • List all deliveries for a webhook
      • Get a delivery for a webhook
    • List all webhooks
    • Create a webhook
    • Show a webhook
    • Update a webhook
    • Delete a webhook
    • Activate a webhook
    • Deactivate a webhook
  • Webhook Events
    • Scan Events
  • Audit
    • Get all events
    • Get event by id
    • Delete event by id
  • Whitelabel Settings
    • Show the white label settings
    • Update white label settings

Authentication

Authentication#

Our API provides flexible authentication options to suit different use cases. This section explains how to authenticate using credentials, Two-Factor Authentication (2FA), or ussing the Access Tokens.

Authenticate with Username and Password#

Use this method to authenticate with a user's credentials (username and password). Depending on whether 2FA is enabled, the process may require an additional step.
API Key required
All API requests must include the API key in the headers. This is required for all endpoints, regardless of the authentication method used.
# Headers Example
x-api-key: your-api-key
Without 2FA
With 2FA
1.
Send a POST request to /auth/sign_in with the username and password.
2.
The server responds with an authentication token, which must be included in the Authorization header for subsequent requests.

Example Request#

POST /auth/sign_in
Content-Type: application/json

  {
    "username": "your_username",
    "password": "your_password"
  }

Example Response#

{
    "token": "your-auth-token",
}

Authorization Header for Subsequent Requests:#

Authorization: Bearer your-auth-token

Authentication with Access Token#

The Access Token method allows long-term authentication without requiring a login for each session. This is ideal for applications or scripts that need to interact with the API regularly.

Generate an Access Token#

Access Tokens can be generated in the My Settings section of the portal or by using the PUT /v2/user/generate_access_token endpoint. Once generated, the token does not expire and can be used for all API requests.

Use an Access Token#

Include the token in the Authorization header of your requests:
Authorization: Basic your-access-token
Modified at 2024-11-15 15:41:30
Previous
Getting Started
Next
Common Error Responses
Built with