Discover APIs

When a API discovery scan is performed on the web applications the potential API assets are discovered from the web applications in your subscription. 

The potential API assets discovered on the web applications are displayed in the Discovered APIs tab. The tab also displays the number of API endpoints for the discovered URLs.

Discovered APIs tab.

You can update the status of the API assets and add the discovered APIs to the subscription. The APIs tab displayed these APIs with the prefix Discovered API. Once the potential APIs are available in the APIs tab, you can perform a vulnerability scan and compliance scan. For details, View Your APIs.

Quick Actions for Discovered APIs

Mark as <status>: Mark the status of the discovered API asset as New, Approved, Ignored, Rogue. 

Status 

Description

New

A new catalog entry for an API. Our service automatically assigns this status for an API when it is created during map processing or vulnerability or WAS scan processing.

Approved

A catalog entry for an API that is approved for scanning

In Subscription 

A catalog entry that has been added to the subscription as an API asset. Users with appropriate permissions will be able to scan the API identified by this catalog entry.

Ignored

A catalog entry for an API that you would like to be ignored.

Rogue A catalog entry for a rogue API.

Edit and Add to Subscription: Use this option to edit a discovered API asset and add it to the subscription.

Add to Subscription: Use this option to add a discovered API asset to your subscription.

Quick Filter for Discovered APIs

You can use the Quick Filters to search for the discovered APIs based on their status.

For example, if you select In Subscription from the quick filters, it generates the list of all the discovered APIs added to your subscription.

Discovered APIs with quick filter