Beagle web API

Select version
Download Java SDK from Maven
Note: Beagle Security API v1 has been deprecated. We recommend that you upgrade to v2.

The Beagle Security API allows developers to work with Projects, Applications and run tests in a more customizable manner. The v2 APIs are engineered to be flexible and intuitive to help your team get the most out of the Beagle Security platform.

All Beagle Security APIs are built using REST conventions and use standard HTTP features. The Beagle Security API calls are made under https://api.beaglesecurity.com and all responses return standard JSON.

It passes the access token as the bearer token in the authorization header. The access token can be generated from your Beagle Security account. Go to Profile --> Personal access token and click on the “New personal access token” button. You can refer to this help article for the detailed steps.

While generating an access token, remember to include all the relevant Scope for the particular token. Make sure to keep the token safe as it cannot be viewed later.

Project
The APIs listed under this section are related to Projects in Beagle Security. In Beagle Security, Projects are used to group different applications together.
Create a project
Used to create a new project.
API
POST https://api.beaglesecurity.com/rest/v2/projects
Required scope: edit_project
Request headers
Content-Type: application/json
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request body
namestringrequired
Name of the project
descriptionstringrequired
Description of the project
Response
namestring
Name of the project
descriptionstring
Description of the project
projectKeystring
A unique key for identifying the project
codestring
Status code for the API call.
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • PROJECT_ALREADY_EXISTSProject already exists in your account.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to create project.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call

Example request
curl --location --request POST \
'https://api.beaglesecurity.com/rest/v2/projects' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
--header 'Content-Type: application/json' \
--data-raw '{
    "name": "Default project",
    "description": "This is a default project."
}'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// create a project
String projectName = "Default project";
String description = "This is a default project";
Project project = client.createProject(projectName, description);
                                    
Response
201 400 401
                                        {
    "name": "Default project",
    "description": "This is a default project.",
    "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "code": "SUCCESS",
    "message": "Success."
}
                                    
                                        {
    "code": "INVALID_SESSION",
    "message": "Given token is invalid"
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                    
Modify a project
Used to modify details of an existing project.
API
PUT https://api.beaglesecurity.com/rest/v2/projects
Required scope: edit_project
Request headers
Content-Type: application/json
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request body
projectKeystringrequired
Success/failure message for the API call
namestringrequired
Name of the project
descriptionstringrequired
Description of the project
Response
namestring
Name of the project
descriptionstring
Description of the project
projectKeystring
A unique key for identifying the project
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • PROJECT_ALREADY_EXISTSProject already exists in your account.
  • INVALID_PROJECT_KEYProject key is invalid.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to modify project.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call

Example request
curl --location --request PUT \
'https://api.beaglesecurity.com/rest/v2/projects' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
--header 'Content-Type: application/json' \
--data-raw '{
    "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "name": "Default project",
    "description": "This is a default project."
}'
                                    
This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Modify a project
UUID projectKey = UUID.fromString("xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx");
String projectName = "Default project";
String description = "This is a default project.";
Project project = client.modifyProject(projectKey, projectName, description);

                                    
Response
200 400 401
                                        {
    "name": "Default project",
    "description": "This is a default project.",
    "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "code": "SUCCESS",
    "message": "Success."
}
                                    
                                        {
    "code": "INVALID_PROJECT_KEY",
    "message": "Given project key is not valid."
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Delete a project
Used to delete details of an existing project.
API
DELETE https://api.beaglesecurity.com/rest/v2/projects?project_key={project_key}
Required scope: edit_project
Request headers
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request parameter
project_keystringrequired
A unique key for identifying the project
Response
namestring
Name of the project
descriptionstring
Description of the project
projectKeystring
A unique key for identifying the project
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • PROJECT_ALREADY_EXISTSProject already exists in your account.
  • INVALID_PROJECT_KEYProject key is invalid.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to delete project.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call

Example request
curl --location --request DELETE \
'https://api.beaglesecurity.com/rest/v2/projects?project_key=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Delete a project
UUID projectKey = UUID.fromString("xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx");
Project project = client.deleteProject(projectKey);
                                    
Response
200 400 401
                                        {
    "name": "Default project",
    "description": "This is a default project.",
    "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "code": "SUCCESS",
    "message": "Success."
}
                                    
                                        {
    "code": "INVALID_SESSION",
    "message": "Given token is invalid"
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Create project in a team
Used to create a new project in a team.
API
POST https://api.beaglesecurity.com/rest/v2/projects?teamId={teamId}
Required scope: edit_project
Request headers
Content-Type: application/json
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request parameter
teamIdstringrequired
Unique id of the team
Request body
namestringrequired
Name of the project
descriptionstringrequired
Description of the project
Response
namestring
Name of the project
descriptionstring
Description of the project
projectKeystring
A unique key for identifying the project
codestring
Status code for the API call.
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • PROJECT_ALREADY_EXISTSProject already exists in your account.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to create project.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call

Example request
curl --location --request POST \
'https://api.beaglesecurity.com/rest/v2/projects?teamId=xxxxxxxxxx' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
--header 'Content-Type: application/json' \
--data-raw '{
    "name": "Default project",
    "description": "This is a default project."
}'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// create a project
String projectName = "Default project";
String description = "This is a default project";
String teamId = "xxxxxxxxxx";
Project verifyStstus = client.createProject(projectName, description, teamId);
                                    
Response
201 400 401
                                        {
    "name": "Default project",
    "description": "This is a default project.",
    "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "code": "SUCCESS",
    "message": "Success."
}
                                    
                                        {
    "code": "INVALID_SESSION",
    "message": "Given token is invalid"
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Read all projects & applications
Used to read all projects and applications a user has access to. The projects and applications under a team are not included.
API
GET https://api.beaglesecurity.com/rest/v2/projects
Required scope: read_project
Request headers
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Example request
curl --location --request GET  \
'https://api.beaglesecurity.com/rest/v2/projects' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Gets all the projects and its applications under a user
List<ProjectWithApplication> projects = client.getAllProjects();
                                    
Response
200 400 401
                                        {
    "code": "SUCCESS",
    "message": "Success",
    "projects": [
        {
            "name": "Default project",
            "description": "New project",
            "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
            "applications": [
                {
                    "name": "Default application",
                    "url": "http://196.168.0.7:80",
                    "applicationToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
                    "applicationType": "API",
                    "signatureStatus": "Verified",
                    "hostingType": "internal"
                },
                {
                    "name": "Default application 2",
                    "url": "http://example.com",
                    "applicationToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
                    "applicationType": "WEB",
                    "signatureStatus": "NotVerified",
                    "hostingType": "public"
                },

            ]
        },
        {
            "name": "Default project 2",
            "description": "New project",
            "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
            "applications": [
                {
                    "name": "Default application 3",
                    "url": "http://example2.com",
                    "applicationToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
                    "applicationType": "WEB",
                    "signatureStatus": "Verified",
                    "hostingType": "public"
                }
            ]
        }
    ]
}
                                    
                                        {
    "code": "FAILED",
    "message": "Failed to get projects."
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Read all projects & applications (Team included)
Used to read all projects and applications a user has access to, including those under the team.
API
GET https://api.beaglesecurity.com/rest/v2/projects?include_team=true
Required scope: read_project
Request headers
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Example request
curl --location --request GET \
'https://api.beaglesecurity.com/rest/v2/projects?include_team=true' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Gets all the projects and its applications (with team)
ProjectWithTeam projects = client.getAllProjectWithTeams();
                                    
Response
200 400 401
                                        {
    "myProjects":[
        {
            "name": "My project 1",
            "description": "New project 1",
            "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
            "applications": [
                {
                    "name": "Test",
                    "url": "http://196.168.0.7:80",
                    "applicationToken": "3frv64jxnaa89okc20jfyys1n8dwhgnx",
                    "applicationType": "WEB",
                    "signatureStatus": "Verified",
                    "hostingType": "internal"
                },
                {
                    "name": "Example 1",
                    "url": "http://example.com",
                    "applicationToken": "loa3qt7wpe21gtrwqf9joseikl9taf0y",
                    "applicationType": "WEB",
                    "signatureStatus": "NotVerified",
                    "hostingType": "public"
                }
            ]
        },
        {
            "name": "My project 2",
            "description": "New project 2",
            "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
            "applications": [
                {
                    "name": "Example 2",
                    "url": "http://example2.com",
                    "applicationToken": "v1nqb9zs8xy9092rsb3gtdm391cbw86d",
                    "applicationType": "API",
                    "signatureStatus": "Verified",
                    "hostingType": "public"
                }
            ]
        }
    ],
    "teamProjects": [
        {
            "teamName": "My team",
            "teamId": "xxxxxxxxxx",
            "projects": [
                {
                    "name": "Project 1",
                    "description": "Test project 1",
                    "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
                    "applications": [
                        {
                            "name": "App 1",
                            "url": "https://example1.com",
                            "applicationToken": "bn8gp2a5n91z2nzflvcu46zuegv1zf2y",
                            "applicationType": "API",
                            "signatureStatus": "NotVerified",
                            "hostingType": "public"
                        },
                        {
                            "name": "App 2",
                            "url": "https://example2.com",
                            "applicationToken": "27u2f8odvv27rfx3pi7nfduwu9uey2gw",
                            "applicationType": "WEB",
                            "signatureStatus": "NotVerified",
                            "hostingType": "public"
                        },
                    ]
                },
                {
                    "name": "Project 2",
                    "description": "Test project 2",
                    "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
                    "applications": [
                        {
                            "name": "App 4",
                            "url": "https://example4.com",
                            "applicationToken": "c2bzdnqzlwtxer7pczakwr4ly5zas1qa",
                            "applicationType": "WEB",
                            "signatureStatus": "Verified",
                            "hostingType": "public"
                        }
                    ]
                },
                {
                    "name": "Project 3",
                    "description": "Test project 3",
                    "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
                    "applications": [
                        {
                            "name": "App 5",
                            "url": "http://example5.com",
                            "applicationToken": "l1zqu4a7b7pmynxxsfdxyupd1bglzx0k",
                            "applicationType": "WEB",
                            "signatureStatus": "NotVerified",
                            "hostingType": "public"
                        },
                        {
                            "name": "App 6",
                            "url": "https://example6.com",
                            "applicationToken": "2epytana9nwrdnqmmi0f90kgox09tb8r",
                            "applicationType": "API",
                            "signatureStatus": "Verified",
                            "hostingType": "public"
                        }
                    ]
                }
            ]
        }
    ],
    "code":"SUCCESS",
    "message":"Success."
}
                                    
                                        {
    "code": "FAILED",
    "message": "Failed to get projects."
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Application
The APIs listed under this section are related to Applications in Beagle Security. Applications are URLs that can be either a Web application or an API.
Create an application
Used to create a new application.
API
POST https://api.beaglesecurity.com/rest/v2/applications
Required scope: edit_project
Request headers
Content-Type: application/json
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request body
namestringrequired
Name of the application
urlstringrequired
URL of the application
projectKeystringrequired
A unique key for identifying the project
typestringrequired
Used to specific whether it's WEB or API. If left blank, default will be set to WEB.
Possible values are:
  • WEBCurrent application is a WEB.
  • APICurrent application is a API.
Response
namestring
Name of the application
urlstring
URL of the application
applicationTokenstring
A unique token for identifying the application in your account
projectKeystring
A unique key for identifying the project
signatureStatusstring
Used to know the domain verification status of the application
Possible values are:
  • VerifiedApplication is verified.
  • NotVerifiedApplication is not verified.
hostingTypestring
Used to specific whether it's WEB or API. If left blank, default will be set to WEB.
Possible values are:
  • WEBCurrent application is a WEB.
  • APICurrent application is a API.
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • INVALID_URLInvalid application URL
  • URL_ALREADY_ADDEDApplication URL already exist in your account.
  • INVALID_PROJECT_KEYProject key is invalid.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to create applications.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call

Example request
curl --location --request POST \
'https://api.beaglesecurity.com/rest/v2/applications' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
--header 'Content-Type: application/json' \
--data-raw '{
    "name": "Default application",
    "url": "https://example.com",
    "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "type": "WEB"
}'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Create application
String applicationName = "Default application";
String url = "https://example.com";
UUID projectKey = UUID.fromString("xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx");
ApplicationType  applicationType =  ApplicationType.WEB;
Application application = client.createApplication(applicationName, url, projectKey, applicationType); 
                                    
Response
201 400 401
                                        {
    "name": "Default application",
    "url": "https://example.com",
    "applicationToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "signatureStatus": "NotVerified",
    "hostingType": "WEB",
    "code": "SUCCESS",
    "message": "Success."
}
                                    
                                        {
    "code": "URL_ALREADY_ADDED",
    "message": "Given url is already added as an application."
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Get an application using application token
Used to get details of an application using an application token in your Beagle Security account.
API
GET https://api.beaglesecurity.com/rest/v2/applications?application_token={application_token}
Required scope: read_project
Request headers
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request parameter
application_tokenstringrequired
A unique key for identifying the project
Response
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • NVALID_APPLICATION_TOKENInvalid application token provided
  • INVALID_PROJECT_KEYProject key is invalid.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to get application.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call
applicationobject
Application object which contains details of an application

Example request
curl --location --request GET \
'https://api.beaglesecurity.com/rest/v2/applications?application_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Get application
String applicationToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
Application application = client.getApplication(applicationToken);
                                    
Response
200 400 401
                                        {
    "code": "SUCCESS",
    "message": "Success",
    "application": {
        "name": "Test",
        "url": "http://196.168.0.7:80",
        "applicationToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
        "applicationType": "WEB",
        "signatureStatus": "Verified",
        "hostingType": "internal"
    }
}
                                    
                                        {
    "code": "INVALID_APPLICATION_TOKEN",
    "message": "Given token is invalid"
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Modify a application
Used to modify details of an existing application.
API
PUT https://api.beaglesecurity.com/rest/v2/applications
Required scope: edit_project
Request headers
Content-Type: application/json
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request body
namestringrequired
Name of the application
urlstringrequired
URL of the application
applicationTokenstringrequired
A unique token for identifying the application in your account
Response
namestring
Name of the application
urlstring
URL of the application
applicationTokenstring
A unique token for identifying the application in your account
projectKeystring
A unique key for identifying the project
signatureStatusstring
Used to know the domain verification status of the application
Possible values are:
  • VerifiedApplication is verified.
  • NotVerifiedApplication is not verified.
hostingTypestring
Used to specific whether it's WEB or API. If left blank, default will be set to WEB.
Possible values are:
  • WEBCurrent application is a WEB.
  • APICurrent application is a API.
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • INVALID_URLInvalid application URL
  • URL_ALREADY_ADDEDApplication URL already exist in your account.
  • INVALID_PROJECT_KEYProject key is invalid.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to modify application.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call

Example request
curl --location --request PUT \
'https://api.beaglesecurity.com/rest/v2/applications' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
--header 'Content-Type: application/json' \
--data-raw '{
    "name": "Default app",
    "url": "https://example.com",
    "applicationToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Modify application
String applicationToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
String applicationName = "Default app";
String url = "https://example.com";
Application application = client.modifyApplication(applicationToken, applicationName, url);
                                    
Response
200 400 401
                                        {
    "name": "Default app",
    "url": "https://example.com",
    "applicationToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "signatureStatus": "Verified",
    "hostingType": "API",
    "code": "SUCCESS",
    "message": "Success."
}
                                    
                                        {
    "code": "FAILED",
    "message": "Failed to get application(s)."
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Delete an application
Used to delete an existing application.
API
DELETE https://api.beaglesecurity.com/rest/v2/applications?application_token={application_token}
Required scope: edit_project
Request headers
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request parameter
application_tokenstringrequired
A unique token for identifying the application in your account
Response
namestring
Name of the application
urlstring
URL of the application
applicationTokenstring
A unique token for identifying the application in your account
projectKeystring
A unique key for identifying the project
signatureStatusstring
Used to know the domain verification status of the application
Possible values are:
  • VerifiedApplication is verified.
  • NotVerifiedApplication is not verified.
hostingTypestring
Used to specific whether it's WEB or API. If left blank, default will be set to WEB.
Possible values are:
  • WEBCurrent application is a WEB.
  • APICurrent application is a API.
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • INVALID_URLInvalid application URL
  • URL_ALREADY_ADDEDApplication URL already exist in your account.
  • INVALID_PROJECT_KEYProject key is invalid.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to delete application.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call

Example request
curl --location --request DELETE \
'https://api.beaglesecurity.com/rest/v2/applications?application_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Delete application
String applicationToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
Application application = client.deleteApplication(applicationToken);
                                    
Response
200 400 401
                                        {
    "name": "Default name",
    "url": "https://example.com",
    "applicationToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "projectKey": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "signatureStatus": "Verified",
    "hostingType": "API",
    "code": "SUCCESS",
    "message": "Success."
}
                                    
                                        {
    "code": "TEST_RUNNING",
    "message": "A test for this application is running. Cannot delete."
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Read all applications under a project
Used to read all the applications under a project.
API
GET https://api.beaglesecurity.com/rest/v2/applications?project_key={project_key}
Required scope: read_project
Request headers
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request parameter
project_keystringrequired
A unique key for identifying the project
Response
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • NVALID_APPLICATION_TOKENInvalid application token provided
  • INVALID_PROJECT_KEYProject key is invalid.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to get applications.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call
applicationsarray
It contains array of applications under the given project

Example request
curl --location --request GET \
'https://api.beaglesecurity.com/rest/v2/applications?project_key=xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Get all applications under a project
UUID projectKey = UUID.fromString("xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx");
List<Application> application = client.getApplications(projectKey); 
                                    
Response
200 400 401
                                        {
    "code": "SUCCESS",
    "message": "Success",
    "applications": [
        {
            "name": "Example 1",
            "url": "http://196.168.0.7:80",
            "applicationToken": "3frv64jxnaa89okc20jfyys1n8dwhgnx",
            "applicationType": "WEB",
            "signatureStatus": "Verified",
            "hostingType": "internal"
        },
        {
            "name": "Example 2",
            "url": "http://johndoe.com",
            "applicationToken": "loa3qt7wpe21gtrwqf9joseikl9taf0y",
            "applicationType": "WEB",
            "signatureStatus": "NotVerified",
            "hostingType": "public"
        },
        {
            "name": "Example 3",
            "url": "https://example.com",
            "applicationToken": "qcyqpuhski5l57rfjcqwjg82mng9un1s",
            "applicationType": "WEB",
            "signatureStatus": "NotVerified",
            "hostingType": "public"
        },
        {
            "name": "Example 4",
            "url": "https://192.168.1.1:1234",
            "applicationToken": "4n49wavb2tc1bale4dt3sv6207v9rhtz",
            "applicationType": "API",
            "signatureStatus": "Verified",
            "hostingType": "internal"
        }
    ]
}
                                    
                                        {
    "code": "PLAN_NOT_SUPPORTED",
    "message": "Your plan does not support this feature."
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Domain verification
The APIs listed under this section are related to the domain verification process in Beagle Security. Domain verification is a process to make sure that a rightful owner or authorized person is carrying out the security test of a particular domain.
Get domain verification signature
Used to get the signature for domain verification process.
API
GET https://api.beaglesecurity.com/rest/v2/applications/signature?application_token={application_token}
Required scope: signature_verify
Request headers
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request parameter
application_tokenstringrequired
A unique token for identifying the application in your account
Response
statusstring
Used to know the domain verification status of the application
urlstring
URL of the application
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to get signature details.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call
fileSignatureobject
Object contains file verification details
dnsSignatureobject
Object contains dns verification details
apiSignatureobject
Object contains api verification details

Example request
curl --location --request GET \
'https://api.beaglesecurity.com/rest/v2/applications/signature?application_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Get domain verification signature
String applicationToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
Signature signature = client.getSignature(applicationToken); 
                                    
Response
200 400 401
                                        {
    "status": "NotVerified",
    "url": "https://example.com",
    "code": "SUCCESS",
    "message": "Success.",
    "fileSignature": {
        "signature": "_6r9lcxjztpnlps4sby648drxmz02zdlb"
    },
    "dnsSignature": {
        "type": "TXT",
        "name": "_31tervvaz40jy7bn543hux0hji296ovd",
        "value": "_6r9lcxjztpnlps4sby648drxmz02zdlb"
    },
    "apiSignature": {
        "type": "API",
        "path": "_31tervvaz40jy7bn543hux0hji296ovd",
        "value": "_6r9lcxjztpnlps4sby648drxmz02zdlb"
    }
}
                                    
                                        {
    "code": "INVALID_SESSION",
    "message": "Given token is invalid."
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Complete domain verification
Used to verify signature and complete the domain verification process.
API
POST https://api.beaglesecurity.com/rest/v2/applications/signature/verify
Required scope: signature_verify
Request headers
Content-Type: application/json
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request body
applicationTokenstringrequired
A unique token for identifying the application in your account
signatureTypestringrequired
Type of domain verification method
pluginTypestringrequired
Used to specify plugin type if your are using plugin type domain verification
Response
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • SUCCESSSignature verification success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • INVALID_SESSIONInvalid session
  • INVALID_PLUGIN_TYPEInvalid plugi type provided
  • FAILEDFailed to complete domain verification.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call

Example request
curl --location --request GET \
'https://api.beaglesecurity.com/rest/v2/applications/signature/verify ' \
--header 'Authorization: Bearer dktir7e0ebkt4nj3ttzu5c0h2gf9hl1d' \
--header 'Content-Type: application/json' \
--data-raw '{
    "applicationToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx",
    "signatureType": "FILE",
    "pluginType": "WORDPRESS"
}'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Get domain verification signature
String applicationToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
SignatureType signatureType = SignatureType.File;
PluginType pluginType = PluginType.WORDPRESS;
Boolean verifyStatus = client.verifySignature(applicationToken, signatureType, pluginType);
                                    
Response
200 400 401
                                        {
    "code": "SUCCESS",
    "message": "Verification success."
}
                                    
                                        {
    "code": "FAILED",
    "message": "Verification failed."
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Testing
The APIs listed under this section are related to the automated penetration tests in Beagle Security.
Start a test
Used to start a test.
API
POST https://api.beaglesecurity.com/rest/v2/test/start
Required scope: run_test
Request headers
Content-Type: application/json
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request body
applicationTokenstringrequired
A unique token for identifying the application in your account
Response
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to start test.
  • NOT_AUTHORIZEDUser authentication failed.
statusUrlstring
URL for getting test status
resultUrlstring
URL for getting test result
resultTokenstring
A unique key for identify result session
messagestring
Success/failure message for the API call

Example request
curl --location --request POST \
'https://api.beaglesecurity.com/rest/v2/test/start' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
--header 'Content-Type: application/json' \
--data-raw '{
    "applicationToken": "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
}'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Start a test
String applicationToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
StartTest startTestResult = client.startTest(applicationToken);
                                    
Response
200 400 401
                                        {
    "code": "SUCCESS",
    "statusUrl": "https://api.dev.beaglesecure.com/rest/v2/test/status",
    "resultUrl": "https://api.dev.beaglesecure.com/rest/v2/test/result",
    "resultToken": "1ry0hrn7bt8kwiuayrul7a2ka8vp7if5",
    "message": "Test has been started successfully."
}
                                    
                                        {
    "code": "INVALID_SESSION",
    "message": "Given token is invalid"
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Status of a test
Used to get the status of a running test.
API
GET https://api.beaglesecurity.com/rest/v2/test/status?application_token={applicationToken}&result_token={result_token}
Required scope: read_test_status
Request headers
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request parameters
application_tokenstringrequired
A unique token for identifying the application in your account
result_tokenstringrequired
A unique key for identify result session
Response
statusstring
Status of the test
Possible values are:
  • runningTest is running
  • completedTest completed
progressinteger
Percentage of test completed
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to get test status.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call

Example request
curl --location --request GET \
'https://api.beaglesecurity.com/rest/v2/test/status?application_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&result_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Get test status
String applicationToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
String resultToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
TestStatus testStatus = client.getTestStatus(applicationToken, resultToken);
                                    
Response
200 400 401
                                        {
    "status": "running",
    "progress": 3,
    "code": "SUCCESS",
    "message": "Test is in progress."
}
                                    
                                        {
    "code": "FAILED",
    "message": "Get status failed."
}
                                    
Stop a test
Used to stop a test.
API
POST https://api.beaglesecurity.com/rest/v2/test/stop
Required scope: run_test
Request headers
Content-Type: application/json
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request body
applicationTokenstringrequired
A unique token for identifying the application in your account
Response
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to stop test.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call

Example request
curl --location --request POST \
'https://api.beaglesecurity.com/rest/v2/test/stop' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
--header 'Content-Type: application/json' \
--data-raw '{
    "applicationToken": "3frv64jxnaa89okc20jfyys1n8dwhgnx"
}' 
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Stop a test
String applicationToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
Boolean testStatus = client.stopTest(applicationToken);
                                    
Response
200 400 401
                                        {
    "code": "SUCCESS",
    "message": "Stop request has been sent successfully ."
}
                                    
                                        {
    "code": "FAILED",
    "message": "Stop test failed."
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Get test result in JSON format
Used to get the result of a completed test in JSON format.
API
GET https://api.beaglesecurity.com/rest/v2/test/result?application_token={applicationToken}&result_token={result_token}
Required scope: run_test
Request headers
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request parameter
application_tokenstringrequired
A unique token for identifying the application in your account
result_tokenstringrequired
A unique key for identify result session
Response
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to get test result.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call
resultstring
Test result in JSON format

Example request
curl --location --request GET
'https://api.beaglesecurity.com/rest/v2/test/result?application_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx&result_token=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Get test result
String applicationToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
String resultToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
TestStatus testStatus = client.getTestResultJson(applicationToken, resultToken);
                                    
Response
200 400 401
                                        {
    "code": "SUCCESS",
    "message": "Test result returned successfully"
    "result": "{\n  \"project_name\": \"teststage\",\n  \"application_name\": \"test stage\",\n  \"url\": \"http://example.com\",\n  \"generated_date\": \"04 Sep 2021\",\n  \"approved_date\": \"04 Sep 2021\",\n
    .
    .
    .
    -headers that disclose information.\\n* Removing any unnecessary comments.\\n* Removing all the META and generator tags\",\n      \"occurences\": [\n        {\n          \"status\": \"Fixed\",\n          \"vulnerability\": {\n            \"Method\": \"get\",\n            \"Url\": \"http://example.com/Templatize.asp\"\n          }\n        }\n      ]\n    }\n  ]\n}",
}
                                    
                                        {
    "code": "INVALID_SESSION",
    "message": "Given token is invalid"
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Get all test sessions under an application
Used to get the all the test sessions of a particular application.
API
GET https://api.beaglesecurity.com/rest/v2/test/sessions?application_token={application_token}&count={count}
Required scope: read_test_result
Request headers
Content-Type: application/json
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request body
application_tokenstringrequired
A unique token for identifying the application in your account
countstringrequired
Number of test sessions fetch at once
Response
sessionsarray
List of test session object
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to get test sessions.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call

Example request
curl --location --request GET \
'https://api.beaglesecurity.com/rest/v2/test/sessions?application_token=c2bzdnqzlwtxer7pczakwr4ly5zas1qa&count=20' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Get test sessions of application
String applicationToken = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
List<TestSession> testSession = client.getTestSessions(applicationToken, 20);
                                    
Response
200 400 401
                                        {
    "code": "SUCCESS",
    "message": "Success."
    "sessions": [
        {
            "resultToken": "s14gbjsvghjnicpf7jw09xh91rhf4bxx",
            "startTime": 1630742492974,
            "endTime": 1630742531775,
        },
        {
            "resultToken": "3qy7cuy69nis0lp0p988c0df8om2mn90",
            "startTime": 1630740444141,
            "endTime": 1630741619924,
        },
        {
            "resultToken": "g0einbv7iayf4zdev2rza4vuvp5o5gpa",
            "startTime": 1624824208627,
            "endTime": 1624829998223,
        },
    ]
}
                                    
                                        {
    "code": "INVALID_APPLICATION_TOKEN",
    "message": "Given token is invalid"
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Get all running tests of a logged-in user
Used to get the running tests of a user who is logged-in to their account.
API
GET https://api.beaglesecurity.com/rest/v2/test/runningsessions
Required scope: read_test_result
Request headers
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Response
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to get test sessions.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call
sessionsarray
List of test session object

Example request
curl --location --request GET \
'https://api.beaglesecurity.com/rest/v2/test/runningsessions' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' 
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Get all running test sessions
List<TestSession> testSession = client.getTestRunningSessions();
                                    
Response
200 400 401
                                        {
    "code": null,
    "message": null,
    "sessions": [
        {
            "title": "Example 1",
            "url": "https://example1.com",
            "applicationToken": "f6weim5t7h2f1m855l85pms5bsn0kgw4",
            "resultToken": "lkjvfdsavgldba678w2bh2brfwfwfwgb",
            "startTime": 1628712549237,
        },
        {
            "title": "Example 2",
            "url": "http://example2.com",
            "applicationToken": "ljh465jgjl62g2lujg642kjg764264rj",
            "resultToken": "3qy7cuy69nis0lp0p988c0df8om2mn90",
            "startTime": 1630740413141,
        },
        {
            "title": "Example 3",
            "url": "http://example3.com",
            "applicationToken": "9quf44bokfy0vto2kjlmush2zglr9wn7",
            "resultToken": "3c7gnxoisjw3ys3b2s5fcbbr9ud3rtku",
            "startTime": 1630742949524,
        }
    ],
}
                                    
                                        {
    "code": "FAILED",
    "message": "Get result failed"
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Get all running tests of a team
Used to get the running tests of a team.
API
GET https://api.beaglesecurity.com/rest/v2/test/runningsessions?teamid={teamid}
Required scope: read_test_result
Request headers
Content-Type: application/json
Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Request body
teamidstringrequired
A unique token for identifying your team
Response
codestring
Status code for the API call
Values are:
  • SUCCESSAPI call is success
  • PLAN_NOT_SUPPORTEDYour plan does not support this feature.
  • INVALID_SESSIONInvalid session
  • FAILEDFailed to get test sessions.
  • NOT_AUTHORIZEDUser authentication failed.
messagestring
Success/failure message for the API call
sessionsarray
List of test session object

Example request
curl --location --request GET \
'https://api.dev.beaglesecure.com/rest/v2/test/runningsessions?teamid=xxxxxxxxxx' \
--header 'Authorization: Bearer xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
                                    
// This token will be generated from Beagle security settings -> Access token
BeagleSecurityClient client = BeagleSecurityClientBuilder.instance()
    .withAPIToken("xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx")
    .build();

// Get all running test sessions (with team)
String teamId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx";
List<TestRunningSession> testRunningSession = client.getTeamTestRunningSessions(teamId);
                                    
Response
200 400 401
                                        {
    "code": null,
    "message": null,
    "sessions": [
        {
            "title": "Example 1",
            "url": "https://example1.com",
            "applicationToken": "9quf44bokfy0vto2kjlmush2zglr9wn7",
            "resultToken": "6mynp3a2gyw9gb2k45jb158byk1n3dym",
            "startTime": 1628712549237,
        },
        {
            "title": "Example 2",
            "url": "http://example2.com",
            "applicationToken": "9quf44bokfy0vto2kjlmush2zglr9wn7",
            "resultToken": "6mynp3a2gyw9gb2k45jb158byk1n3dym",
            "startTime": 1630740413141,
        }
    ]
}
                                    
                                        {
    "code": "PLAN_NOT_SUPPORTED",
    "message": "Your plan does not support this feature."
}
                                    
                                        {
    "code": "NOT_AUTHORIZED",
    "message": "Not authorized"
}
                                
Start a test
Start a test session for an application that already registered and verified in the Beagle environment. Get your access token and application token from the Beagle web console.
API
POST https://api.beaglesecurity.com/v1/test/start
Request headers
Content-Type: application/json
Request body
access_token
A unique token for accessing the API
application_token
A unique token for identifying the application in your account
Response
status
Status code for the API call
status_url
URL for getting test status
result_url
URL for getting test result
result_token
A unique key for identify result session
message
Success/failure message for the API call

Example request
                                    curl --location --request POST \
'https://api.beaglesecurity.com/v1/test/start' \
--header 'Content-Type: application/json' \
--data-raw '{
    "access_token":"7i8cesnridfk0ha65ufm03gctsikiici",
    "application_token": "1iwg9chvbqb2uxvtxd8c3bf9c5t026xu"
}'
                                
Response
200 400
                                    {
    "status": "Success",
    "status_url": "https://api.beaglesecurity.com/v1/test/status",
    "result_url": "https://api.beaglesecurity.com/v1/test/result",
    "result_token": "rnlp8czjz8jssy4kl2f83l011bmexxyv",
    "message": "Test has started successfully."
}
                                
                                    {
    "status": "Failed",
    "message": "Invalid application. Start test failed."
}
                                
Get status
Get the status of a test that triggered from the API.
API
POST https://api.beaglesecurity.com/v1/test/status
Request headers
Content-Type: application/json
Request body
access_token
A unique token for accessing the API
application_token
A unique token for identifying the application in your account
result_token
A unique key for identify result session
Response
status
Status code for the API call
progress
Percentage of test completed
message
Success/failure message for the API call

Example request
                                    curl --location --request POST \
'https://api.beaglesecurity.com/v1/test/status' \
--header 'Content-Type: application/json' \
--data-raw '{
    "access_token":"7i8cesnridfk0ha65ufm03gctsikiici",
    "application_token": "1iwg9chvbqb2uxvtxd8c3bf9c5t026xu",
    "result_token":"y4lwsplywaoz135n70b7d49537zk9pbo"
}'
                                
Response
200 400
                                    {
    "status": "running" ,
    "progress": 30,
    "message": "Test has started successfully."
}
                                
                                    {
    "status": "Failed",
    "message": "Invalid application. Start test failed."
}
                                
Get result
Get the result of a test that triggered from the API.
API
POST https://api.beaglesecurity.com/v1/test/result
Request headers
Content-Type: application/json
Request body
access_token
A unique token for accessing the API
application_token
A unique token for identifying the application in your account
result_token
A unique key for identify result session
Response
status
Status code for the API call
result
Test result in JSON format
message
Success/failure message for the API call

Example request
                                    curl --location --request POST \
'https://api.beaglesecurity.com/v1/test/result' \
--header 'Content-Type: application/json' \
--data-raw '{
    "access_token":"7i8cesnridfk0ha65ufm03gctsikiici",
    "application_token": "1iwg9chvbqb2uxvtxd8c3bf9c5t026xu",
    "result_token":"y4lwsplywaoz135n70b7d49537zk9pbo"
}'
                                
Response
200 400
                                    {
    "status": "Success",
    "result": "{result_json}",
    "message": "Test has started successfully."
}
                                
                                    {
    "status": "Failed",
    "result": "null",
    "message": "Invalid applicationtoken found."
}
                                
Stop test
Stop a test session for an application that already registered and verified in the Beagle environment. Get your access token and application token from the Beagle web console
API
POST https://api.beaglesecurity.com/v1/test/stop
Request headers
Content-Type: application/json
Request body
access_token
A unique token for accessing the API
application_token
A unique token for identifying the application in your account
Response
status
Status code for the API call
message
Success/failure message for the API call

Example request
                                    curl --location --request POST \
'https://api.beaglesecurity.com/v1/test/stop' \
--header 'Content-Type: application/json' \
--data-raw '{
    "access_token":"7i8cesnridfk0ha65ufm03gctsikiici",
    "application_token": "1iwg9chvbqb2uxvtxd8c3bf9c5t026xu"
}'
                                
Response
200 400
                                    {
    "status": "Success" ,
    "message": "Stop request has sent successfully."
}
                                
                                    {
    "status": "Failed" ,
    "message": "Invalid application provided. Stop test failed."
}