🎨 Design: API fuzzing: project level configure with group profile
Background
Based on the discovery in the previous issue, we have two personas and many tasks, and the design has become too big to cover within one issue. So I divided the original issue into 6:
- 🎨 Design: API fuzzing: project-level configure with local(project) profile #330481 (closed)
- 🎨 Design: API fuzzing: project level configure: edit beaver token #331500
- 🎨 Design: API fuzzing: project level configure edit route #331498
- 🎨 Design: API fuzzing: project-level manage profiles #330496 (closed)
- (This issue) 🎨 Design: API fuzzing: project-level configure with group profile #330480
- 🎨 Design: API fuzzing: group-level manage group profile #330482
Issues number 2 and 3 will need some research help from the issue "Problem validation: How people use group-level settings and project-level settings for API fuzzing".
JTBD
When I am configuring a CI/CD security scan, I want to specify which assets need to be scanned and under which circumstances, so that I can ensure my assets are secure prior to or at their release.
Target Persona
This user is focusing on the personas:
those who use group-level profiles
Scenario
This issue is focused on the following scenario:
As a person who is responsible for API fuzz testing (works on project level), when I create a new scan or modify current ones, I often face several configuration tasks: I need to set up the right target; decide whether it is an authenticated scan or not; and choose between using a project-level profile or the group-level profile to make sure the API fuzzing scan functions at its best.
When I think the group-level profile is the best for the scan I am going to run, I need to think about:
- Do I directly use a group-level profile?
- Do I need to edit some part of the group-level profile for my project?
- What do I need to edit?
Tasks
- task 1: I want to enable API fuzzing testing for the CI/CD pipeline
- task 2: I want to turn on/off authentication for API fuzzing testing
- task 3: I want to decide to use a group-level profile
- task 4: I want to edit some part of the group-level profile
- task 5: I want to run the scan

