Using the Public API
Hexiosec ASM provides a public HTTP API, built using the OpenAPI framework, that allows you to programmatically access and interact with your Hexiosec ASM data. The following page details the steps to generate your personal API key and start using the API.
We will be adding a feature to allow you to manage your API keys within Hexiosec ASM, lookout for updates regarding this and other new features.
The main documentation page for the API can be found at, https://asm.hexiosec.com/api/ui#overview.
The OpenAPI specification for the API can be downloaded from, https://asm.hexiosec.com/api/openapi.yml
You can also find out more about creating a scan using the API and paginating API requests.
Please note that the public API is not available in all Hexiosec ASM tiers. If you would like access to the API, please contact us at [email protected].
From a browser where you are logged into Hexiosec ASM:
- Click 'Try'
- From the 'Response' copy the value for crsf
- In the example, update the 'description' and 'lifetime' as appropriate
- Add the copied crsf to the request header X-CRSF-Token
- Click 'Try'
- You API key is the value under api_key
Both examples below get the organisations for the logged in user.
In the browser:
- Add the API key to the value for the 'API Key'
- Click 'Try'
- The result of the request can be seen in the 'Response' tab
In a terminal (via the steps above in a browser):
- Do the steps above
- Copy the value under the 'Curl' tab
- Paste the command and run it