DAST Site profile - Add support for APIs - Frontend
Backend counterpart - #294060 (closed)
Epic - &5088 (closed)
Why are we doing this work
To enable users to easily run API scans from web-based interfaces.
What
This issue is to add API
support in On-demand Scans DAST site profile. Using this feature, users can run scans against their APIs.
Designs
Implementation plan
-
Add the "Site type" section with Website/API
options-
DAST Site Profile Form -
Profile summary
-
-
Hide username & password form fields when API
option is selected-
Make sure to not send auth related fields in mutation Payloads
-
-
Update GraphQL queries / mutations as per &5088 (closed) -
Rollout changes behind the feature flag security_dast_site_profiles_api_option
-
Add test coverage
Edited by Dheeraj Joshi